https://twitter.com/cyb3rops https://twitter.com/cyb3rops/status/1266254352240439297 https://t.co/vWSj6Y1xWQ https://securelist.com/the-zero-day-exploits-of-operation-wizardopium/97086/ https://twitter.com/cyb3rops/status/1266086273892200450 https://t.co/oR6VwZzb1N https://github.com/Neo23x0/signature-base/commit/10c7f912b2561c64fce955427284adbf7d33644b https://twitter.com/cyb3rops/status/1266076640645431298 https://t.co/47BZChYe9c https://twitter.com/m4lwatch/status/1207199856546242560 https://twitter.com/cyb3rops/status/1266071672148426752 https://t.co/hOLiz6f6yR https://github.com/Neo23x0/Fenrir/releases/tag/v0.7.2 https://twitter.com/cyb3rops/status/1266066339837419521 https://twitter.com/cyb3rops/status/1266065876249456642 https://t.co/3LwM8hVODb https://t.co/J3Iw74xv9n https://github.com/Neo23x0/signature-base/blob/master/yara/apt_sandworm_exim_expl.yar https://twitter.com/NSACyber/status/1266022426317643778 https://twitter.com/cyb3rops/status/1266055556135092224 https://twitter.com/cyb3rops/status/1266036367689220102 https://twitter.com/cyb3rops/status/1266033954555076610 https://t.co/3LwM8hVODb https://t.co/J3Iw74xv9n https://github.com/Neo23x0/signature-base/blob/master/yara/apt_sandworm_exim_expl.yar https://twitter.com/NSACyber/status/1266022426317643778 https://twitter.com/cyb3rops/status/1265990364000854019 https://t.co/WybkPJlwx2 https://twitter.com/chrissanders88/status/1265274361386348545 https://twitter.com/cyb3rops/status/1265960358268882944 https://twitter.com/cyb3rops/status/1265940400327581697 https://twitter.com/cyb3rops/status/1265654582073602048 https://t.co/A9igqVa2rx https://www.cyberscoop.com/german-intelligence-memo-berserk-bear-critical-infrastructure/ https://twitter.com/cyb3rops/status/1265336710759698434 https://twitter.com/cyb3rops/status/1265174624016400389 https://t.co/RxiK5frsGv https://www.brighttalk.com/webcast/15591/409779 https://twitter.com/cyb3rops/status/1264886279185084417 
https://twitter.com/cyb3rops/status/1264883072371228675 https://t.co/UCRPUi6TuI https://t.co/cPUUYCzCF4 https://udger.com/resources/mac-address-vendor-detail?name=raspberry_pi_foundation https://twitter.com/tfornez/status/1262747748547194888 https://twitter.com/cyb3rops/status/1264823578236764160 https://t.co/cu2yjTQEur https://github.com/NextronSystems/nextron-helper-scripts/blob/master/thor-seed/thor-seed.ps1 https://twitter.com/cyb3rops/status/1264820153868587009 https://twitter.com/cyb3rops/status/1264816406438297602 https://twitter.com/cyb3rops/status/1264815752605061126 https://twitter.com/cyb3rops/status/1264814952377913344 https://twitter.com/cyb3rops/status/1264814038321684481 https://twitter.com/cyb3rops/status/1264812299459727361 https://twitter.com/cyb3rops/status/1264803121458565120 https://twitter.com/cyb3rops/status/1264796364833271808 https://t.co/CmyDxlPMCb https://twitter.com/markstyron/status/1264513487113502720 https://twitter.com/cyb3rops/status/1264442506218999808 https://twitter.com/cyb3rops/status/1264441492317384709 https://t.co/kJFtYzvBdG https://t.co/mNafSD9lzl https://github.com/NextronSystems/nextron-helper-scripts/blob/master/thor-seed/README.md https://www.nextron-systems.com/thor-cloud/microsoft-defender-atp/ https://twitter.com/cyb3rops/status/1264268195902390272 https://t.co/gG1xDLRnjz https://www.nextron-systems.com/thor-lite/ https://twitter.com/cyb3rops/status/1264253257138003968 https://t.co/TW5s33D8gY https://www.nextron-systems.com/2020/05/23/upcoming-changes-in-thor-v10-5/ https://twitter.com/cyb3rops/status/1264252621390524417 https://twitter.com/cyb3rops/status/1264252067553718272 https://t.co/qAdxDfXmOI https://www.nextron-systems.com/2020/03/20/thor-lite-free-yara-and-ioc-scanner/ https://twitter.com/cyb3rops/status/1264217704208138241 https://twitter.com/cyb3rops/status/1264209765879726080 https://twitter.com/cyb3rops/status/1264207751712059393 https://twitter.com/cyb3rops/status/1264166014058672128 
https://t.co/PZPQvkqoJ7 https://www.bitdefender.com/files/News/CaseStudies/study/332/Bitdefender-Whitepaper-Chafer-creat4491-en-EN-interactive.pdf https://twitter.com/cyb3rops/status/1264130670932230144 https://twitter.com/cyb3rops/status/1264130410470088704 https://t.co/KKpq7v8fcI https://github.com/Neo23x0/sigma/pull/781 https://twitter.com/cyb3rops/status/1264129822839758848 https://twitter.com/cyb3rops/status/1264124670250450944 https://t.co/qSO3VjkvaC https://t.co/AuvtSPwPUP https://twitter.com/langnergroup/status/1263936955794051073?s=21 https://twitter.com/langnergroup/status/1263936955794051073 https://twitter.com/cyb3rops/status/1264123461645058048 https://twitter.com/cyb3rops/status/1264086975038066688 https://t.co/OTuMEe5ph0 https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_cve-2020-1048.yml https://twitter.com/cyb3rops/status/1263898984290168835 https://twitter.com/cyb3rops/status/1263897814322610177 https://twitter.com/cyb3rops/status/1263850283332968450 https://twitter.com/cyb3rops/status/1263846733316063232 https://twitter.com/cyb3rops/status/1263842834450468864 https://twitter.com/cyb3rops/status/1263816971692507136 https://twitter.com/cyb3rops/status/1263816679626326016 https://twitter.com/cyb3rops/status/1263751799107960832 https://twitter.com/cyb3rops/status/1263728104167690241 https://twitter.com/cyb3rops/status/1263728047263449090 https://twitter.com/cyb3rops/status/1263707730180747269 https://twitter.com/cyb3rops/status/1263434111370309633 https://twitter.com/cyb3rops/status/1263404330180382720 https://twitter.com/cyb3rops/status/1263400912074260483 https://twitter.com/cyb3rops/status/1263397624713039877 https://twitter.com/cyb3rops/status/1263394064331923456 https://twitter.com/cyb3rops/status/1263393181867151361 https://twitter.com/cyb3rops/status/1263379089819406336 https://t.co/AFGMHCz45Z https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_apt_greenbug_may20.yml 
https://twitter.com/cyb3rops/status/1263368129624891392 https://t.co/NDRBLhRxp5 https://twit.tv/shows/twit-news/episodes/354 https://twitter.com/cyb3rops/status/1263356464258744322 https://twitter.com/cyb3rops/status/1263346363959586817 https://twitter.com/cyb3rops/status/1263344330581868544 https://twitter.com/cyb3rops/status/1263339700938510336 https://t.co/bJViKdcIN9 https://twitter.com/aemkei/status/1262872762621837314 https://twitter.com/cyb3rops/status/1263338892419358720 https://twitter.com/cyb3rops/status/1263337648493604865 https://twitter.com/cyb3rops/status/1263337143080026112 https://twitter.com/cyb3rops/status/1263335306650177539 https://twitter.com/cyb3rops/status/1263331132675948551 https://twitter.com/cyb3rops/status/1263165732168359938 https://t.co/dqrAu0u51s https://imgflip.com/memegenerator/123381123/Mr-robot https://twitter.com/cyb3rops/status/1263148154930827265 https://twitter.com/cyb3rops/status/1263125791757475840 https://twitter.com/cyb3rops/status/1263059670010298369 https://twitter.com/cyb3rops/status/1263031738109956096 https://twitter.com/cyb3rops/status/1263027546750439426 https://twitter.com/cyb3rops/status/1262984886010421251 https://twitter.com/cyb3rops/status/1262984264330723328 https://twitter.com/cyb3rops/status/1262981945610440704 https://twitter.com/cyb3rops/status/1262980519593197568 https://twitter.com/cyb3rops/status/1262808676936663040 https://twitter.com/cyb3rops/status/1262808006904905734 https://twitter.com/cyb3rops/status/1262806125763866625 https://twitter.com/cyb3rops/status/1262798036289359879 https://twitter.com/cyb3rops/status/1262776469509541895 https://t.co/2Kz4SToPbJ https://twitter.com/_RastaMouse/status/1259766343391481858 https://twitter.com/cyb3rops/status/1262759578409684992 https://t.co/On9Xn8Tix9 https://github.com/FSecureLABS/C3 https://twitter.com/cyb3rops/status/1262756909439832064 https://twitter.com/cyb3rops/status/1262756085892440064 https://twitter.com/cyb3rops/status/1262754838825152517 
https://t.co/IC2eTk3Bok https://twitter.com/FSecureLabs/status/1262731563005095936 https://twitter.com/cyb3rops/status/1262425937490186240 https://t.co/EBJ3Le08Z3 https://t.co/TrHpPZkzQQ https://github.com/Neo23x0/sigma/blob/master/other/godmode_sigma_rule.yml https://pastebin.com/HXeyC5PL https://twitter.com/cyb3rops/status/1262417524462927872 https://twitter.com/cyb3rops/status/1262416416382345222 https://twitter.com/cyb3rops/status/1262408696010813443 https://twitter.com/cyb3rops/status/1262401484731318273 https://twitter.com/cyb3rops/status/1262394664679849989 https://twitter.com/cyb3rops/status/1262391016465797124 https://twitter.com/cyb3rops/status/1262382295157276676 https://t.co/nllFG6RdHz https://www.attack-community.org/event/ https://twitter.com/cyb3rops/status/1261964625790279682 https://twitter.com/cyb3rops/status/1261962865537409029 https://twitter.com/cyb3rops/status/1261961915301052418 https://twitter.com/cyb3rops/status/1261945037262290944 https://t.co/nnXQollgAX https://www.obdev.at/support/contact/littlesnitch https://twitter.com/cyb3rops/status/1261943069169115136 https://twitter.com/cyb3rops/status/1261940051644219392 https://twitter.com/cyb3rops/status/1261938469070397440 https://twitter.com/cyb3rops/status/1261935817976696832 https://twitter.com/cyb3rops/status/1261924898546606080 https://twitter.com/cyb3rops/status/1261627340104368128 https://t.co/Qsfxehkz8b https://github.com/Neo23x0/signature-base/blob/master/yara/crime_academic_data_centers_camp_may20.yar https://twitter.com/cyb3rops/status/1261617955210760192 https://t.co/HiiokdULXV https://t.co/FHoAKDbdXN https://csirt.egi.eu/academic-data-centers-abused-for-crypto-currency-mining/ https://github.com/Neo23x0/Fenrir/releases/tag/v0.7.0-academic https://twitter.com/cyb3rops/status/1261587882067857408 https://t.co/SmGWn38Xjs https://t.co/6aLpnIduU2 https://t.co/uIH1AwTVex https://t.co/OzrQFZwLOQ https://jitsi.org/jitsi-meet/ https://jitsi.org/security/ 
https://en.wikipedia.org/wiki/Comparison_of_web_conferencing_software https://github.com/jitsi/jitsi-meet/wiki/Jitsi-Meet-Instances https://twitter.com/cyb3rops/status/1261328559261519872 https://t.co/xTcNfHWw6c https://twitter.com/netbiosX/status/1261310127090675713 https://twitter.com/cyb3rops/status/1261308676192768000 https://t.co/0RWn1m9KQF https://objective-see.com/products/lulu.html https://twitter.com/cyb3rops/status/1261254105831542784 https://t.co/4Ur7JGkjvi https://marketplace.visualstudio.com/items?itemName=whizkydee.material-palenight-theme https://twitter.com/cyb3rops/status/1261243703454285825 https://t.co/OTuMEe5ph0 https://t.co/QCLX9t4cnA https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_cve-2020-1048.yml https://windows-internals.com/printdemon-cve-2020-1048/ https://twitter.com/cyb3rops/status/1260982042768089088 https://t.co/gG1xDLRnjz https://www.nextron-systems.com/thor-lite/ https://twitter.com/cyb3rops/status/1260888400082673665 https://twitter.com/cyb3rops/status/1260848623610482694 https://twitter.com/cyb3rops/status/1260661912003584000 https://twitter.com/cyb3rops/status/1260552063248994304 https://t.co/jdhhFk1IOd https://twitter.com/cBekrar/status/1260543284008456192 https://twitter.com/cyb3rops/status/1260530085922312192 https://t.co/AuKrPW7spf https://valhalla.nextron-systems.com/ https://twitter.com/cyb3rops/status/1260270083521339399 https://t.co/niVJGfIFWi https://pyattck.readthedocs.io/en/latest/enterprise/actor.html https://twitter.com/cyb3rops/status/1260268197292453889 https://t.co/WB0ui6SKpI https://attack.mitre.org/groups/ https://twitter.com/cyb3rops/status/1260229687021838339 https://twitter.com/cyb3rops/status/1260217581757255681 https://t.co/HvFTwXHH2C https://twitter.com/thor_scanner/status/1260180837104041985 https://twitter.com/cyb3rops/status/1260216518719176712 https://t.co/BXfh7xufGn https://github.com/OpenCTI-Platform/connectors/pull/135 https://twitter.com/cyb3rops/status/1259925690884988930 
https://t.co/plW6bJimBQ https://github.com/Neo23x0/sigma/pull/743/files https://twitter.com/cyb3rops/status/1259390318333566976 https://twitter.com/cyb3rops/status/1259382642417467396 https://twitter.com/cyb3rops/status/1258736526424408067 https://t.co/1PcYz59ZSD https://www.reuters.com/article/us-russia-germany-cyber/russian-hackers-accessed-emails-from-merkels-constituency-office-der-spiegel-idUSKBN22K12X https://twitter.com/cyb3rops/status/1258675847281676288 https://twitter.com/cyb3rops/status/1258332189349085184 https://twitter.com/cyb3rops/status/1258329786419744768 https://t.co/4Tbqt0ntmE https://twitter.com/KitPloit/status/1258153157655478280 https://twitter.com/cyb3rops/status/1258325930428305408 https://twitter.com/cyb3rops/status/1258294968231264256 https://t.co/77DhVvMiDu https://support.apple.com/en-us/HT204609 https://twitter.com/cyb3rops/status/1258293819549847553 https://twitter.com/cyb3rops/status/1258027189284614144 https://twitter.com/cyb3rops/status/1257752547097563137 https://twitter.com/cyb3rops/status/1257727533023453184 https://t.co/aiOzVLOxhn https://research.checkpoint.com/2020/nazar-spirits-of-the-past/ https://twitter.com/cyb3rops/status/1257651369735004160 https://twitter.com/cyb3rops/status/1257591634008604672 https://twitter.com/cyb3rops/status/1257075560548794368 https://twitter.com/cyb3rops/status/1257000984980729857 https://twitter.com/cyb3rops/status/1256991270041522182 https://twitter.com/cyb3rops/status/1256978971134222339 https://twitter.com/cyb3rops/status/1256970331811655682 https://twitter.com/cyb3rops/status/1256937975071604737 https://t.co/EeaO95fFxj https://github.com/Neo23x0/sigma https://twitter.com/cyb3rops/status/1256919615948623873 https://twitter.com/cyb3rops/status/1256903511649988609 https://t.co/K6KFYYOfXf https://docs.microsoft.com/en-us/windows-server/administration/windows-commands/wscript https://twitter.com/cyb3rops/status/1256902903874424834 https://twitter.com/cyb3rops/status/1256890561316950017 
https://twitter.com/cyb3rops/status/1256885075058331648 https://twitter.com/cyb3rops/status/1256852799662350338 https://t.co/EeaO94Y48J https://github.com/Neo23x0/sigma https://twitter.com/cyb3rops/status/1256851872209670144 https://twitter.com/cyb3rops/status/1256847404395106309 https://t.co/DfY9sUYscn https://www.forbes.com/sites/thomasbrewster/2020/04/30/exclusive-warning-over-chinese-mobile-giant-xiaomi-recording-millions-of-peoples-private-web-and-phone-use/ https://twitter.com/cyb3rops/status/1255867710770159617 https://t.co/iAYyjI4hjT https://attack.socprime.com/#!/ https://twitter.com/cyb3rops/status/1255764555055206401 https://t.co/Z91BzEXoJN https://t.co/OO52GMQ08m https://t.co/JtP1NfqufP https://www.volexity.com/company/careers/malware-reverse-engineer/ https://jobs.swisscom.ch/professionals/offene-stellen/experienced-professionals/senior-security-analyst-csirt/24b28bb5-00f1-40d2-a96b-81e069b5878e https://www.fireeye.com/company/jobs.html https://twitter.com/cyb3rops/status/1255544250957287426 https://t.co/5dvk1W9vIS https://twitter.com/Sebdraven/status/1255521881165307911 https://twitter.com/cyb3rops/status/1255472418866573315 https://t.co/l0Fdh23MZX https://support.office.com/en-us/article/save-disk-space-with-onedrive-files-on-demand-for-windows-10-0e6860d3-d9f3-4971-b321-7092438fb38e https://twitter.com/cyb3rops/status/1255472213890863104 https://twitter.com/cyb3rops/status/1255433959598624770 https://twitter.com/cyb3rops/status/1255433219824107522 https://twitter.com/cyb3rops/status/1255432840600326144 https://t.co/SsxFVCa0Xp https://github.com/mandatoryprogrammer/ChromeGalvanizer https://twitter.com/cyb3rops/status/1255431667373793282 https://twitter.com/cyb3rops/status/1255429602434060288 https://t.co/CTuiVMBxub https://github.com/VirusTotal/yara/wiki/Backward-incompatible-changes-in-YARA-4.0-API https://twitter.com/cyb3rops/status/1255428959644286977 https://twitter.com/cyb3rops/status/1255426980041932800 https://t.co/pvWCkYxp0M 
https://twitter.com/plusvic/status/1255422662261825537 https://twitter.com/cyb3rops/status/1255422153287184389 https://twitter.com/cyb3rops/status/1255417030569852930 https://twitter.com/cyb3rops/status/1255410440743653377 https://twitter.com/cyb3rops/status/1255409526980972544 https://twitter.com/cyb3rops/status/1255408203698974723 https://twitter.com/cyb3rops/status/1255403802053808128 https://twitter.com/cyb3rops/status/1255197934993518595 https://t.co/Qxjo0e8r6h https://www.youtube.com/playlist?list=PLN43v68nCimt-EN-1m14de94h3Fyf0PbQ https://twitter.com/cyb3rops/status/1255032550327824384 https://twitter.com/cyb3rops/status/1255024180975865858 https://t.co/cgewdwSCYz https://twitter.com/SwiftForensics/status/1254896464305815555 https://twitter.com/cyb3rops/status/1255023476366245888 https://t.co/nXr4x7Y754 https://twitter.com/IAmMandatory/status/1254865271631699968 https://twitter.com/cyb3rops/status/1254798092202803200 https://t.co/iImSS0MtC0 https://analyze.intezer.com/#/analyze https://twitter.com/cyb3rops/status/1254787529292709888 https://twitter.com/cyb3rops/status/1254454101422878720 https://t.co/6401UWxLk7 https://sensepost.com/blog/2020/attacking-smart-cards-in-active-directory/ https://twitter.com/cyb3rops/status/1253658711769452546 https://t.co/9IOsfo4Z46 http://correlatedsecurity.com/introducing-speed-use-case-framework-v1-0/ https://twitter.com/cyb3rops/status/1253593767594131458 https://t.co/q3SsivoCHJ https://t.co/1G6gYyHrR2 https://github.com/elastic/ecs/issues/623 https://github.com/elastic/ecs/issues/570 https://twitter.com/cyb3rops/status/1253568780426448896 https://t.co/dZWP9uXeW7 https://github.com/Neo23x0/sigma/blob/master/README.md#supported-targets https://twitter.com/cyb3rops/status/1253380149992730630 https://twitter.com/cyb3rops/status/1253378803226808320 https://twitter.com/cyb3rops/status/1253299011026661376 https://twitter.com/cyb3rops/status/1253290280352190465 https://twitter.com/cyb3rops/status/1253280140953636864 
https://twitter.com/cyb3rops/status/1253279577507536896 https://t.co/ezxbbFf2qq https://github.com/elastic/ecs/blob/a59e76c76c28db475262c80bd9a617615efe079d/generated/elasticsearch/7/template.json#L14 https://twitter.com/cyb3rops/status/1252983825371725824 https://t.co/keeaP3pQp7 https://t.co/2Inbw61Frl https://youtu.be/QImyKDvryq8 https://twitter.com/craiu/status/1252876649911087105 https://twitter.com/cyb3rops/status/1252975095011782657 https://t.co/ZVx35jU7iJ https://twitter.com/thor_scanner/status/1252943825351434242 https://twitter.com/cyb3rops/status/1252936423663194112 https://twitter.com/cyb3rops/status/1252880284694966276 https://twitter.com/cyb3rops/status/1252612390996377600 https://t.co/97IbNGCBnJ https://twitter.com/virusbtn/status/1252609293691564034 https://twitter.com/cyb3rops/status/1252500294770065410 https://twitter.com/cyb3rops/status/1252497082973327360 https://t.co/w1jibzXmhj https://twitter.com/QuoIntelligence/status/1252317015349645315 https://twitter.com/cyb3rops/status/1252192543015669762 https://t.co/f25wD55ouG https://medium.com/@cycraft_corp/taiwan-high-tech-ecosystem-targeted-by-foreign-apt-group-5473d2ad8730 https://twitter.com/cyb3rops/status/1251599978797113347 https://twitter.com/cyb3rops/status/1251445349014790146 https://t.co/S8Ypf6polU https://t.co/20DvbSdnoi https://github.com/Neo23x0/signature-base/blob/master/yara/apt_apt41.yar#L223 https://github.com/Neo23x0/signature-base/blob/master/yara/gen_susp_obfuscation.yar#L45 https://twitter.com/cyb3rops/status/1251442593558388736 https://twitter.com/cyb3rops/status/1251133301760290820 https://twitter.com/cyb3rops/status/1251131093815828480 https://twitter.com/cyb3rops/status/1251130528096542726 https://twitter.com/cyb3rops/status/1251129156512997376 https://twitter.com/cyb3rops/status/1251110052221640704 https://twitter.com/cyb3rops/status/1251102535093551105 https://twitter.com/cyb3rops/status/1251054628097196033 https://twitter.com/cyb3rops/status/1251054437109555201 
https://twitter.com/cyb3rops/status/1250774964334219264 https://twitter.com/cyb3rops/status/1250756060710866945 https://twitter.com/cyb3rops/status/1250738504587456513 https://twitter.com/cyb3rops/status/1250735794056245248 https://twitter.com/cyb3rops/status/1250731435364945920 https://t.co/7srg6CXqAJ https://twitter.com/mrgretzky/status/1250725656029204481 https://twitter.com/cyb3rops/status/1250713108626182144 https://twitter.com/cyb3rops/status/1250044491354058756 https://t.co/tH3KLKqIDG https://unit42.paloaltonetworks.com/apt41-using-new-speculoos-backdoor-to-target-organizations-globally/ https://twitter.com/cyb3rops/status/1248629382060675073 https://twitter.com/cyb3rops/status/1248515016225161216 https://twitter.com/cyb3rops/status/1248207937987907585 https://t.co/9ECHpohdrQ https://medium.com/@cyb3rops/how-to-write-good-tweets-445c39081627 https://twitter.com/cyb3rops/status/1248152941212708864 https://t.co/fjpe19xdwZ https://twitter.com/JohnLaTwC/status/1247217738470158336 https://twitter.com/cyb3rops/status/1248143997681401856 https://twitter.com/cyb3rops/status/1247882049777594374 https://twitter.com/cyb3rops/status/1247869454048022529 https://t.co/VfcQRBVUBA https://web.archive.org/web/20160825001253/http://www.kaspersky.com/about/news/virus/2013/Kaspersky_Lab_exposes_Icefog_a_new_cyber-espionage_campaign_focusing_on_supply_chain_attacks https://twitter.com/cyb3rops/status/1247815026146267136 https://t.co/dPRRmA6rHj https://blogs.blackberry.com/en/2020/04/decade-of-the-rats https://twitter.com/cyb3rops/status/1247551599662239744 https://t.co/x41ah5tPnw https://analyze.intezer.com/#/analyses/28444152-92c6-4307-97c8-be84ade917de https://twitter.com/cyb3rops/status/1247518670886068224 https://twitter.com/cyb3rops/status/1247410113373184001 https://twitter.com/cyb3rops/status/1247185607463522306 https://twitter.com/cyb3rops/status/1247176443165114368 https://twitter.com/cyb3rops/status/1247176008895266818 
https://twitter.com/cyb3rops/status/1247174786213699590 https://twitter.com/cyb3rops/status/1247174229847670784 https://t.co/VMJTxUNu7x https://t.co/wHuE5swk5y https://t.co/nMB8FDLlcs https://t.co/BK7b1zMzAt https://www.virustotal.com/gui/file/4efd311456720ef2c95ff2808a674d95dce1c3ef483ac83623142828282d6190/community https://pastebin.com/fA3MjDmE https://gchq.github.io/CyberChef/#recipe=Reverse('Character')Find_/_Replace(%7B'option':'Simple%20string','string':'%7B'%7D,'A',true,false,true,false)From_Base64('A-Za-z0-9%2B/%3D',true) https://www.virustotal.com/gui/file/6626a3c5681bd7214310dd928370a95b180f89a3cad0037d86f0703e4395c8a6/detection https://twitter.com/cyb3rops/status/1247173378349379584 https://twitter.com/cyb3rops/status/1247133540585742338 https://twitter.com/cyb3rops/status/1247132009282949120 https://twitter.com/cyb3rops/status/1247127585101885441 https://twitter.com/cyb3rops/status/1247090475678515201 https://twitter.com/cyb3rops/status/1247089975360880641 https://twitter.com/cyb3rops/status/1247076670298894336 https://t.co/wvGlShr7l7 https://t.co/2wEEQOa2e3 https://t.co/jvNVDvMftU https://t.co/RZcvSTK1XA https://www.nextron-systems.com/2018/06/20/thor-util-with-html-report-generation/ https://splunkbase.splunk.com/app/3717/ https://splunkbase.splunk.com/app/3718/ https://twitter.com/thor_scanner/status/1246742750252412933 https://twitter.com/cyb3rops/status/1247073575078682624 https://t.co/nsZkgTTxLk https://gist.github.com/Neo23x0/e3d4e316d7441d9143c7 https://twitter.com/cyb3rops/status/1247057697301762048 https://t.co/TY975d2ydc https://aws.amazon.com/cloudtrail/ https://twitter.com/cyb3rops/status/1246868267811160064 https://twitter.com/cyb3rops/status/1246015988694503429 https://twitter.com/cyb3rops/status/1246013613422280704 https://t.co/rT7IQmScSV https://twitter.com/felixaime/status/1245994213206036480 https://twitter.com/cyb3rops/status/1245628110193610752 https://t.co/RkI1GKpVTd https://t.co/DDw4KNScQO 
https://www.hybrid-analysis.com/sample/7050af905f1696b2b8cdb4c6e6805a618addf5acfbd4edc3fc807a663016ab26?environmentId=110 https://twitter.com/RedDrip7/status/1245557988401623040 https://twitter.com/cyb3rops/status/1245626340960698370 https://twitter.com/cyb3rops/status/1245625424865980418 https://t.co/7VcsfjLgZe https://twitter.com/thor_scanner/status/1245623843726585866 https://twitter.com/cyb3rops/status/1245618093927227393 https://twitter.com/cyb3rops/status/1245432930446557185 https://t.co/c8dAPfyEvS https://www.bloomberg.com/news/articles/2020-04-01/china-concealed-extent-of-virus-outbreak-u-s-intelligence-says https://twitter.com/cyb3rops/status/1245424186228703232 https://t.co/WsDRgWGRLS https://pastebin.com/p50054gp https://twitter.com/cyb3rops/status/1245386267984084993 https://t.co/BYCFlyPgIw https://www.virustotal.com/gui/file/306f5734d7a8eaafbac45a814f3c25c5c93f89afad9794c78f57a84fcd5396d2/detection https://twitter.com/cyb3rops/status/1245378774490849280 https://t.co/O7D94EvTM4 https://t.co/SXEPdX1JHt https://www.virustotal.com/gui/file/240c6f3866109e3dbe80eb2f3a4d58aa0464b10a773dea58b16c59822931598a/community https://www.us-cert.gov/ncas/analysis-reports/ar19-252b https://twitter.com/cyb3rops/status/1245285774511259648 https://t.co/376Y1W0g8G https://twitter.com/cyb3rops/status/1112760057425551360?lang=en https://twitter.com/cyb3rops/status/1245284768826241024 https://t.co/vAkEGt4ZRB https://www.reuters.com/article/us-health-coronavirus-april-fools/countries-threaten-jail-for-april-fools-day-jokes-about-coronavirus-idUSKBN21I2QH https://twitter.com/cyb3rops/status/1245271050377670656 https://twitter.com/cyb3rops/status/1245047573859139587 https://t.co/BE9QuA3lro https://github.com/NextronSystems/nextron-helper-scripts/tree/master/thor-seed https://twitter.com/cyb3rops/status/1245016362973630464 https://t.co/KeeYu9Dew3 https://www.brighttalk.com/webcast/15591/388802/upping-the-apt-hunting-game-learn-the-best-yara-practices-from-kaspersky 
https://twitter.com/cyb3rops/status/1244965997368487936 https://twitter.com/cyb3rops/status/1244962596224188416 https://t.co/BE9QuA3lro https://github.com/NextronSystems/nextron-helper-scripts/tree/master/thor-seed https://twitter.com/cyb3rops/status/1244912622853595136 https://t.co/EQbmvt7yle https://www.virustotal.com/gui/search/jsfuck/comments https://twitter.com/cyb3rops/status/1244897442245619713 https://t.co/6YnVt00cjn https://www.nextron-systems.com/compare-our-scanners/ https://twitter.com/cyb3rops/status/1244892872085843968 https://t.co/EQbmvt7yle https://www.virustotal.com/gui/search/jsfuck/comments https://twitter.com/cyb3rops/status/1244890720328208384 https://twitter.com/cyb3rops/status/1244705890873356291 https://twitter.com/cyb3rops/status/1244686469177978881 https://twitter.com/cyb3rops/status/1244676023117119491 https://twitter.com/cyb3rops/status/1244675890476351489 https://t.co/d2a5iwiS4S https://github.com/Neo23x0/signature-base/blob/master/yara/gen_file_anomalies.yar https://twitter.com/cyb3rops/status/1244538987152396289 https://t.co/pZfTNUoqfI https://t.co/vnIkXtsggN https://jsac.jpcert.or.jp/archive/2020/pdf/JSAC2020_8_koike-nakajima_jp.pdf https://twitter.com/Sebdraven/status/1244532660690718722 https://twitter.com/cyb3rops/status/1244280653098684416 https://twitter.com/cyb3rops/status/1244232883197415424 https://twitter.com/cyb3rops/status/1244214208612401157 https://twitter.com/cyb3rops/status/1244212306793451520 https://twitter.com/cyb3rops/status/1244208811457622017 https://twitter.com/cyb3rops/status/1244191711766745089 https://t.co/8lZCPTVM7j https://github.com/Neo23x0/sigma/pull/682 https://twitter.com/cyb3rops/status/1244188221271150593 https://twitter.com/cyb3rops/status/1244183981647691776 https://t.co/dcrL0ykN3o https://www.carbonblack.com/2020/03/26/the-dukes-of-moscow/ https://twitter.com/cyb3rops/status/1243581218307874817 https://t.co/3fYbgzrgAn https://www.pentesteracademy.com/ 
https://twitter.com/cyb3rops/status/1243528662395355136 https://t.co/KNGk5c8rXK https://blogs.technet.microsoft.com/secguide/2016/01/22/new-tool-policy-analyzer/ https://twitter.com/cyb3rops/status/1243471366130720768 https://t.co/pimrdk5dRL https://docs.microsoft.com/en-us/windows-server/identity/securing-privileged-access/securing-privileged-access-reference-material#administrative-tools-and-logon-types https://twitter.com/cyb3rops/status/1243204269156847616 https://twitter.com/cyb3rops/status/1243174498049961984 https://twitter.com/cyb3rops/status/1242812417056407553 https://t.co/9rboslkOj1 https://t.co/VTx7AmtNko https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_exploit_cve_2020_10189.yml https://www.fireeye.com/blog/threat-research/2020/03/apt41-initiates-global-intrusion-campaign-using-multiple-exploits.html https://twitter.com/cyb3rops/status/1242414331020664832 https://twitter.com/cyb3rops/status/1242388740183666688 https://twitter.com/cyb3rops/status/1242194355781283841 https://t.co/fUOIFifA5a https://t.co/gxuq9PmcBH https://www.nextron-systems.com/thor/license-packs/ https://www.nextron-systems.com/get-started/ https://twitter.com/cyb3rops/status/1242188637346893824 https://twitter.com/cyb3rops/status/1242184821289476097 https://twitter.com/cyb3rops/status/1242183771975290881 https://twitter.com/cyb3rops/status/1242183614323994633 https://twitter.com/cyb3rops/status/1242181200720154624 https://twitter.com/cyb3rops/status/1242179323496456199 https://twitter.com/cyb3rops/status/1242178906460995584 https://twitter.com/cyb3rops/status/1242177874037288962 https://t.co/Mpo8cn1LFR https://www.nextron-systems.com/2018/06/28/spark-applies-sigma-rules-in-eventlog-scan/ https://twitter.com/cyb3rops/status/1242177488459051010 https://twitter.com/cyb3rops/status/1242083444668141568 https://t.co/siS4P22oyH https://twitter.com/thor_scanner/status/1242075992488849411 https://twitter.com/cyb3rops/status/1241684149435609088 
https://t.co/tKrGAHXi7N https://twitter.com/cyb3rops/status/1241654544167317504 https://twitter.com/cyb3rops/status/1241678756747661312 https://twitter.com/cyb3rops/status/1241677326582255617 https://twitter.com/cyb3rops/status/1241677267387977729 https://twitter.com/cyb3rops/status/1241667033382760449 https://twitter.com/cyb3rops/status/1241654544167317504 https://t.co/ot0QPgFWYM https://www.washingtonpost.com/opinions/2020/03/17/china-cared-more-about-suppressing-information-than-suppressing-virus-thats-why-were-here/ https://twitter.com/cyb3rops/status/1240637893212884995 https://twitter.com/cyb3rops/status/1240565060805832704 https://t.co/oDnTvkP7EB https://github.com/nazywam/AutoIt-Ripper https://twitter.com/cyb3rops/status/1240564351930597376 https://t.co/YNuzgYh10F https://www.bleepingcomputer.com/news/security/ransomware-gangs-to-stop-attacking-health-orgs-during-pandemic/ https://twitter.com/cyb3rops/status/1240413177021632512 https://twitter.com/cyb3rops/status/1240239825162207233 https://twitter.com/cyb3rops/status/1239961395439042564 https://twitter.com/cyb3rops/status/1239941796261761024 https://t.co/8lIsQh8SLf https://www.theguardian.com/world/2020/mar/05/chinese-social-media-censoring-officially-sanctioned-facts-on-coronavirus https://twitter.com/cyb3rops/status/1239936777240162305 https://twitter.com/cyb3rops/status/1239904679431221255 https://t.co/wSN0ZgPBtv https://www.nytimes.com/2020/03/14/world/asia/china-ren-zhiqiang.html https://twitter.com/cyb3rops/status/1239887178018238464 https://twitter.com/cyb3rops/status/1239832767254446082 https://t.co/Bj1TrJVGO0 https://github.com/Neo23x0/sigma/pull/659 https://twitter.com/cyb3rops/status/1239255107373539332 https://twitter.com/cyb3rops/status/1239239193269874688 https://twitter.com/cyb3rops/status/1239236400555458560 https://t.co/WM8zogaLvi https://t.co/bUvQ8lHBK1 https://www.sciencedirect.com/science/article/pii/S2588933819300391 https://www.stlucianewsonline.com/bird-flu-breaks-out-in-china/ 
https://twitter.com/cyb3rops/status/1239201156678799361 https://twitter.com/cyb3rops/status/1239195507349688322 https://twitter.com/cyb3rops/status/1239195503302189057 https://twitter.com/cyb3rops/status/1239195501804781569 https://twitter.com/cyb3rops/status/1239195499229560835 https://twitter.com/cyb3rops/status/1239195485627449346 https://twitter.com/cyb3rops/status/1239195484356517888 https://twitter.com/cyb3rops/status/1239195483010146304 https://twitter.com/cyb3rops/status/1238597955072012295 https://twitter.com/cyb3rops/status/1238465924484784128 https://twitter.com/cyb3rops/status/1238464501030293505 https://twitter.com/cyb3rops/status/1238464234377359360 https://t.co/H8vj5y4NgH https://research.checkpoint.com/2020/vicious-panda-the-covid-campaign/ https://twitter.com/cyb3rops/status/1238404740263919616 https://t.co/Bj1TrJVGO0 https://github.com/Neo23x0/sigma/pull/659 https://twitter.com/cyb3rops/status/1238034395405135873 https://twitter.com/cyb3rops/status/1238034191222177794 https://twitter.com/cyb3rops/status/1237729051374170114 https://twitter.com/cyb3rops/status/1237716483280637954 https://twitter.com/cyb3rops/status/1237689304475938816 https://twitter.com/cyb3rops/status/1237686557995421697 https://twitter.com/cyb3rops/status/1237685992116695041 https://t.co/zEYQMKi65I https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/adv200005 https://twitter.com/cyb3rops/status/1237683183543558144 https://t.co/uVCtf65L8H https://gist.github.com/nikallass/40f3215e6294e94cde78ca60dbe07394 https://twitter.com/cyb3rops/status/1237680650620190720 https://t.co/mVAn1MkjPm https://techcommunity.microsoft.com/t5/itops-talk-blog/smb-over-quic-files-without-the-vpn/ba-p/1183449 https://twitter.com/cyb3rops/status/1237678687925022725 https://twitter.com/cyb3rops/status/1237667231296827392 https://twitter.com/cyb3rops/status/1237662453388980224 https://t.co/9Mk0cC9sCl https://twitter.com/mkolsek/status/1237519955211382784 
https://twitter.com/cyb3rops/status/1237660608306307072 https://twitter.com/cyb3rops/status/1237660255338876928 https://twitter.com/cyb3rops/status/1237659571893739520 https://t.co/U7tIlTXSH9 https://support.microsoft.com/en-us/help/2980749/event-log-data-for-troubleshooting-smb-in-windows-8-and-windows-server https://twitter.com/cyb3rops/status/1237655844474564608 https://twitter.com/cyb3rops/status/1237652058939031552 https://t.co/1OB9pwsNvr https://twitter.com/RFC2321/status/1237525128532987907 https://twitter.com/cyb3rops/status/1237352755431387137 https://t.co/rPzJX1Yp6D https://www.virustotal.com/gui/file/f91f2a7e1944734371562f18b066f193605e07223aab90bd1e8925e23bbeaa1c/details https://twitter.com/cyb3rops/status/1237352336219144193 https://t.co/V8sSFmqU2f https://www.virustotal.com/gui/file/a41e7282eb14517e9d55c92b88294b4ed7cb09286cd41bc1562caedb9a47022d/detection https://twitter.com/cyb3rops/status/1237132220214673408 https://t.co/zLSM2bwYYO https://github.com/plyara/plyara/issues/64 https://twitter.com/cyb3rops/status/1237130998686629895 https://twitter.com/cyb3rops/status/1237042681798365186 https://twitter.com/cyb3rops/status/1237042104406355968 https://twitter.com/cyb3rops/status/1237038145943883776 https://twitter.com/cyb3rops/status/1236925784310284288 https://t.co/eU6tzQXyjk https://www.trustedsec.com/blog/detecting-cve-20200688-remote-code-execution-vulnerability-on-microsoft-exchange-server/ https://twitter.com/cyb3rops/status/1236789294079053825 https://twitter.com/cyb3rops/status/1236788669278814210 https://twitter.com/cyb3rops/status/1236785623186489346 https://twitter.com/cyb3rops/status/1236633092518969344 https://twitter.com/cyb3rops/status/1236632974118072320 https://twitter.com/cyb3rops/status/1236632814906413056 https://twitter.com/cyb3rops/status/1236632438073446400 https://t.co/YZPoVmmVrr https://twitter.com/cyb3rops/status/1236631885717090305 https://twitter.com/cyb3rops/status/1236631885717090305 
https://twitter.com/cyb3rops/status/1236591753928597507 https://twitter.com/cyb3rops/status/1236250520043565056 https://twitter.com/cyb3rops/status/1236249414232047617 https://t.co/0udgB7k8SM https://www.hybrid-analysis.com/sample/51ea006fac7c7cf88dda19133fd2e701d53a774d0f9a6f094178db40424e2bd1/5dba9543038838873a7551bd https://twitter.com/cyb3rops/status/1236244728989040646 https://twitter.com/cyb3rops/status/1236238797333028864 https://twitter.com/cyb3rops/status/1236217902933725184 https://twitter.com/cyb3rops/status/1235239303661457408 https://twitter.com/cyb3rops/status/1235133026142687232 https://twitter.com/cyb3rops/status/1234838320229863424 https://twitter.com/cyb3rops/status/1234831921009614849 https://twitter.com/cyb3rops/status/1234826641127411721 https://twitter.com/cyb3rops/status/1233773409114435584 https://t.co/eU6tzQXyjk https://t.co/RoXGG6pCfn https://www.trustedsec.com/blog/detecting-cve-20200688-remote-code-execution-vulnerability-on-microsoft-exchange-server/ https://github.com/Neo23x0/sigma/pull/644/files https://twitter.com/cyb3rops/status/1233646685554954240 https://twitter.com/cyb3rops/status/1233524833822167041 https://twitter.com/cyb3rops/status/1233524160275648512 https://t.co/GwTg76zmbu https://t.co/KZ52sAIeS4 https://github.com/Neo23x0/signature-base/blob/master/yara/vul_cve_2020_1938.yar https://twitter.com/campuscodi/status/1233400508435619845 https://twitter.com/cyb3rops/status/1233517318845730818 https://twitter.com/cyb3rops/status/1233516539766333442 https://twitter.com/cyb3rops/status/1232999114121584641 https://twitter.com/cyb3rops/status/1232957298122874882 https://twitter.com/cyb3rops/status/1232955172617441281 https://t.co/8juc2WeetW https://github.com/Neo23x0/munin#hugin-for-virustotal-retrohunts https://twitter.com/cyb3rops/status/1232722689720225793 https://twitter.com/cyb3rops/status/1232565995409113088 https://t.co/gxS68ba6qm https://t.co/XoOCm5sAPB 
https://github.com/Neo23x0/signature-base/blob/master/yara/vul_cve_2020_0688.yar https://www.thezdi.com/blog/2020/2/24/cve-2020-0688-remote-code-execution-on-microsoft-exchange-server-through-fixed-cryptographic-keys https://twitter.com/cyb3rops/status/1232254818632261633 https://twitter.com/cyb3rops/status/1231848789213925376 https://t.co/kjKSL5q4NF https://twitter.com/drbvaler/status/1231675136283226113 https://twitter.com/cyb3rops/status/1231847659582971904 https://twitter.com/cyb3rops/status/1230764579401031680 https://twitter.com/cyb3rops/status/1230762546778406912 https://twitter.com/cyb3rops/status/1230750691833966593 https://twitter.com/cyb3rops/status/1230749149701632002 https://twitter.com/cyb3rops/status/1230541243639312385 https://twitter.com/cyb3rops/status/1230493190693752832 https://twitter.com/cyb3rops/status/1230491844498333696 https://twitter.com/cyb3rops/status/1230485816297885697 https://twitter.com/cyb3rops/status/1230481793507381249 https://twitter.com/cyb3rops/status/1230481029145808897 https://twitter.com/cyb3rops/status/1230478480258863104 https://twitter.com/cyb3rops/status/1230477823682502656 https://twitter.com/cyb3rops/status/1230463361625853952 https://t.co/9R0jkNdPvb https://docs.microsoft.com/en-us/windows-server/identity/securing-privileged-access/privileged-access-workstations https://twitter.com/cyb3rops/status/1230402467965304833 https://twitter.com/cyb3rops/status/1230392132369895424 https://t.co/VyoCG2NHVv https://twitter.com/briankrebs/status/1230160184284237825 https://twitter.com/cyb3rops/status/1230390425728561155 https://twitter.com/cyb3rops/status/1230106191893868547 https://twitter.com/cyb3rops/status/1230085217425264640 https://t.co/GvArJqhIu9 https://github.com/elastic/elasticsearch/pull/49993 https://twitter.com/cyb3rops/status/1230031299370475520 https://t.co/9x49AyR3y9 https://t.co/jEJXUyOvMy https://www.thec2matrix.com/ https://docs.google.com/spreadsheets/d/1b4mUxa6cDQuTV2BPC6aA-GR4zGZi0ooPYtBe4IgPsSc/edit#gid=0 
https://twitter.com/cyb3rops/status/1230029769917554689 https://twitter.com/cyb3rops/status/1230028562096324611 https://twitter.com/cyb3rops/status/1229823219345039360 https://t.co/I20908Ekm6 https://t.co/DhM4BplEAe https://t.co/VX8tjJaose https://t.co/j3GvhknwoP https://github.com/mitre/caldera https://github.com/guardicore/monkey https://github.com/splunk/attack_range https://posts.specterops.io/enter-mordor-pre-recorded-security-events-from-simulated-adversarial-techniques-fdf5555c9eb1 https://twitter.com/cyb3rops/status/1229813834006831104 https://twitter.com/cyb3rops/status/1229813434834935814 https://twitter.com/cyb3rops/status/1229800653935009794 https://t.co/2LhuRyx6Z6 https://twitter.com/SophosLabs/status/1229799047290130436 https://twitter.com/cyb3rops/status/1229799174922698753 https://twitter.com/cyb3rops/status/1229792774687461377 https://twitter.com/cyb3rops/status/1229789378723164165 https://twitter.com/cyb3rops/status/1229788438922190848 https://twitter.com/cyb3rops/status/1229786118587068417 https://twitter.com/cyb3rops/status/1229782920187056128 https://t.co/0Nh9azcfo6 https://twitter.com/FSecure_Consult/status/1228248344318939136 https://twitter.com/cyb3rops/status/1229716470856404993 https://t.co/EKVKYYuAud http://www.talent-jump.com/article/2020/02/17/CLAMBLING-A-New-Backdoor-Base-On-Dropbox-en/ https://twitter.com/cyb3rops/status/1229703855388217344 https://t.co/RLEQb6mzxB https://t.co/h3Db85uEeB https://t.co/jetXqMCFX5 https://www.virustotal.com/gui/file/4817da3f584352ed1efabe6468e2b398e8dab012ae493401b93c24675cfd1d2a/community https://www.hybrid-analysis.com/sample/4817da3f584352ed1efabe6468e2b398e8dab012ae493401b93c24675cfd1d2a https://iris-h.services/pages/report/da1df835e5dd34ed2c8ecf1386a21d7b1722b1e8 https://twitter.com/cyb3rops/status/1229699486408151042 https://twitter.com/cyb3rops/status/1229699289074610177 https://t.co/qEPlbEudTd https://t.co/bKh8ZTLDwD 
https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_process_dump_rundll32_comsvcs.yml https://twitter.com/shantanukhande/status/1229348874298388484 https://twitter.com/cyb3rops/status/1229692117016027136 https://twitter.com/cyb3rops/status/1229690433661435904 https://twitter.com/cyb3rops/status/1229498571281633282 https://t.co/zt6wXUvl4U https://www.humblebundle.com/books/cybersecurity-2020-wiley-books?partner=cyb3rops&charity=2330496 https://twitter.com/cyb3rops/status/1228989992875282437 https://t.co/ZhcFXyycMA https://github.com/Neo23x0/sigma/issues/382#issuecomment-586689877 https://twitter.com/cyb3rops/status/1228738821245820928 https://t.co/f8mrrcMDSR https://github.com/microsoft/LightGBM/issues/1369 https://twitter.com/cyb3rops/status/1228697588536422403 https://t.co/akqUq9kKxf https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/controlled-folders https://twitter.com/cyb3rops/status/1228695801045671936 https://t.co/akqUq9kKxf https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/controlled-folders https://twitter.com/cyb3rops/status/1228695055818543105 https://twitter.com/cyb3rops/status/1228694617186541568 https://twitter.com/cyb3rops/status/1228693496103604225 https://twitter.com/cyb3rops/status/1228688462179717123 https://t.co/DzklM0hGLB https://docs.google.com/spreadsheets/d/e/2PACX-1vRCVzG9JCzak3hNqqrVCTQQIzH0ty77BWiLEbDu-q9oxkhAamqnlYgtQ4gF85pF6j6g3GmQxivuvO1U/pubhtml https://twitter.com/cyb3rops/status/1228686349538091008 https://twitter.com/cyb3rops/status/1228685221215834113 https://twitter.com/cyb3rops/status/1228615587594743808 https://t.co/OHfkU1xbbu https://t.co/Sq1jzurRQ4 https://randomwordgenerator.com/adjective.php https://randomwordgenerator.com/noun.php https://twitter.com/cyb3rops/status/1228610815189798914 https://twitter.com/cyb3rops/status/1228358980860289024 https://t.co/3AftK1185p 
https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/edit#gid=1325727307 https://twitter.com/cyb3rops/status/1228358122625957888 https://t.co/EaTdNtNEaB https://www.sweetscape.com/010editor/repository/scripts/file_info.php?file=RateStrings.1sc&type=1&sort= https://twitter.com/cyb3rops/status/1228309438429368320 https://twitter.com/cyb3rops/status/1228308786101858304 https://t.co/yPkFoXO4R9 https://github.com/Neo23x0/sigma/tree/master/rules/proxy https://twitter.com/cyb3rops/status/1228308473726849024 https://twitter.com/cyb3rops/status/1228306588475195392 https://twitter.com/cyb3rops/status/1228306241815969792 https://twitter.com/cyb3rops/status/1228302878156238851 https://t.co/3AftK1185p https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/edit#gid=1325727307 https://twitter.com/cyb3rops/status/1228237166670532609 https://twitter.com/cyb3rops/status/1228236078970109953 https://twitter.com/cyb3rops/status/1228224577488089091 https://twitter.com/cyb3rops/status/1228218208991137792 https://twitter.com/cyb3rops/status/1227984610233126912 https://twitter.com/cyb3rops/status/1227946198331465728 https://twitter.com/cyb3rops/status/1227940086546882560 https://t.co/InPKuEdhAX https://en.wikipedia.org/wiki/Fsn_(file_manager) https://twitter.com/cyb3rops/status/1227933030687354880 https://twitter.com/cyb3rops/status/1227930266360057856 https://twitter.com/cyb3rops/status/1227928599283539969 https://twitter.com/cyb3rops/status/1227928100308168704 https://twitter.com/cyb3rops/status/1227924223332618241 https://twitter.com/cyb3rops/status/1227646379683700737 https://twitter.com/cyb3rops/status/1227644452640100355 https://twitter.com/cyb3rops/status/1227643995532255233 https://twitter.com/cyb3rops/status/1227643775134117889 https://twitter.com/cyb3rops/status/1227643173394157569 https://twitter.com/cyb3rops/status/1227642870963875840 https://twitter.com/cyb3rops/status/1227641077303332864 
https://twitter.com/cyb3rops/status/1227635591958925314 https://twitter.com/cyb3rops/status/1227634925207195648 https://twitter.com/cyb3rops/status/1227634333009223682 https://twitter.com/cyb3rops/status/1227631703654649857 https://twitter.com/cyb3rops/status/1227629113697087488 https://twitter.com/cyb3rops/status/1227628141939744770 https://twitter.com/cyb3rops/status/1227627670705463296 https://twitter.com/cyb3rops/status/1227626629935124484 https://twitter.com/cyb3rops/status/1227612033539018752 https://twitter.com/cyb3rops/status/1227609680001806337 https://t.co/fTntVuNAl7 https://twitter.com/cyb3rops/status/1227600717793447939 https://twitter.com/cyb3rops/status/1227607766451326976 https://twitter.com/cyb3rops/status/1227600717793447939 https://t.co/KehUlhL2Hy https://www.slideshare.net/FlorianRoth2/security-analyst-workshop-20200212 https://twitter.com/cyb3rops/status/1227592439134900224 https://twitter.com/cyb3rops/status/1227591631530012679 https://t.co/wHa7O8s4IU https://twitter.com/cyb3rops/status/1227351430694146048 https://twitter.com/cyb3rops/status/1227586752765988864 https://twitter.com/cyb3rops/status/1227575206580977667 https://twitter.com/cyb3rops/status/1227567335411724288 https://t.co/494Nz3sHdX https://twitter.com/cyb3rops/status/1227314543262666754 https://twitter.com/cyb3rops/status/1227566247581290497 https://twitter.com/cyb3rops/status/1227565336112828416 https://twitter.com/cyb3rops/status/1227564463664050176 https://t.co/wHa7O8s4IU https://twitter.com/cyb3rops/status/1227351430694146048 https://twitter.com/cyb3rops/status/1227563607405268992 https://twitter.com/cyb3rops/status/1227562094100393984 https://twitter.com/cyb3rops/status/1227555537975488514 https://t.co/OIyDTcykTl https://twitter.com/mbmcloughlin/status/1227410146608869376 https://twitter.com/cyb3rops/status/1227553521672900608 https://t.co/BMEHWlIylP https://t.co/POMIRJ0CKI https://www.elastic.co/guide/en/siem/guide/master/rules-ui-create.html 
https://twitter.com/elastic/status/1227329000659353600 https://twitter.com/cyb3rops/status/1227354463414956037 https://twitter.com/cyb3rops/status/1227351430694146048 https://t.co/wbUiWX7DDq https://twitter.com/cyb3rops/status/1227250769071628289 https://twitter.com/cyb3rops/status/1227350788244221954 https://t.co/9HEmyE8SNR https://twitter.com/cyb3rops/status/1227344399492882438 https://twitter.com/cyb3rops/status/1227345596639518721 https://twitter.com/cyb3rops/status/1227345364728020993 https://t.co/butQm06Uta https://t.co/9HEmyE8SNR https://twitter.com/cyb3rops/status/1227344399492882438?s=21 https://twitter.com/cyb3rops/status/1227344399492882438 https://twitter.com/cyb3rops/status/1227344399492882438 https://twitter.com/cyb3rops/status/1227341138480287746 https://twitter.com/cyb3rops/status/1227338303436939264 https://twitter.com/cyb3rops/status/1227337729358385162 https://twitter.com/cyb3rops/status/1227335022019043328 https://twitter.com/cyb3rops/status/1227322609844531207 https://twitter.com/cyb3rops/status/1227320918826999808 https://twitter.com/cyb3rops/status/1227319843554316290 https://twitter.com/cyb3rops/status/1227318520695939078 https://twitter.com/cyb3rops/status/1227317561261424640 https://twitter.com/cyb3rops/status/1227314543262666754 https://twitter.com/cyb3rops/status/1227286858318729216 https://t.co/GBpKRnhGnu https://www.virustotal.com/gui/file/70c65bd0e084398a87baa298c1fafa52afff402096cb350d563d309565c07e83/community https://twitter.com/cyb3rops/status/1227254204957216769 https://twitter.com/cyb3rops/status/1227250769071628289 https://twitter.com/cyb3rops/status/1226889025417568256 https://t.co/e7ivo8A9RA https://github.com/nshalabi/SysmonTools https://twitter.com/cyb3rops/status/1226230574723084288 https://t.co/qR0wWOnrVb https://www.trustedsec.com/blog/why-we-are-launching-the-trustedsec-sysmon-community-guide/ https://twitter.com/cyb3rops/status/1225790048827846662 https://twitter.com/cyb3rops/status/1225783929921318912 
https://twitter.com/cyb3rops/status/1225766608343355393 https://twitter.com/cyb3rops/status/1225764679621992449 https://t.co/t3p4o4f1rj https://t.co/QgiWajJDdm https://t.co/xnJePO0x9K https://twitter.com/AdamTheAnalyst/status/1225720630697484288 https://app.any.run/tasks/6360b059-b623-45fd-b219-d585e9201418/ https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_susp_rundll32_by_ordinal.yml https://twitter.com/cyb3rops/status/1225754847024050177 https://twitter.com/cyb3rops/status/1225334343838597120 https://t.co/uNytlyTIyi https://t.co/FNr41arefu https://twitter.com/anyrun_app/status/1225323429399793666 https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_susp_powershell_enc_cmd.yml https://twitter.com/cyb3rops/status/1225105341093941248 https://t.co/GNE2yqS8yS https://github.com/hasherezade/pe-sieve https://twitter.com/cyb3rops/status/1225057010263171073 https://t.co/jREgrr3HYU https://www.cyberus-technology.de/posts/2020-02-04-dashboard.html https://twitter.com/cyb3rops/status/1224953264787132423 https://twitter.com/cyb3rops/status/1224952984875995136 https://t.co/YOalHh8DCH https://github.com/Neo23x0/sigma/search?utf8=%E2%9C%93&q=lsass+&type= https://twitter.com/cyb3rops/status/1224816935784927233 https://t.co/is7NWIRn8v https://t.co/MFyVbgxrST https://t.co/zFhxuJoQtY https://github.com/outflanknl/Dumpert https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_hack_dumpert.yml https://unit42.paloaltonetworks.com/actors-still-exploiting-sharepoint-vulnerability/ https://twitter.com/cyb3rops/status/1224595457051123712 https://t.co/zFhxuJoQtY https://unit42.paloaltonetworks.com/actors-still-exploiting-sharepoint-vulnerability/ https://twitter.com/cyb3rops/status/1224286834718625793 https://t.co/SROJBb65Ra https://blog.g3rt.nl/upgrade-your-ssh-keys.html https://twitter.com/cyb3rops/status/1224261380846575617 https://t.co/6JjzyRl4nW 
https://blog.360totalsecurity.com/en/bayworld-event-cyber-attack-against-foreign-trade-industry/ https://twitter.com/cyb3rops/status/1224231163931303940 https://t.co/FqfaylidT2 https://github.com/2d4d/rdg_scanner_cve-2020-0609 https://twitter.com/cyb3rops/status/1223944753097662464 https://twitter.com/cyb3rops/status/1223886529090801667 https://t.co/PiJfDvREvR https://t.co/s9WHTo1bFy https://t.co/vun2epCjhC https://uncoder.io/ https://github.com/Neo23x0/sigma/wiki/Converter-Tool-Sigmac https://github.com/Neo23x0/sigma/blob/master/README.md#translate-only-rules-of-level-high-or-critical https://twitter.com/cyb3rops/status/1223868231074664449 https://t.co/PiJfDvREvR https://uncoder.io/ https://twitter.com/cyb3rops/status/1223866911861112834 https://twitter.com/cyb3rops/status/1223730791680806912 https://twitter.com/cyb3rops/status/1223621298187898881 https://twitter.com/cyb3rops/status/1223620205252956161 https://t.co/z8xaWcdGLs https://t.co/j2bBHaSqEP https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_apt_winnti_mal_hk_jan20.yml https://www.welivesecurity.com/2020/01/31/winnti-group-targeting-universities-hong-kong/ https://twitter.com/cyb3rops/status/1223605944757772289 https://twitter.com/cyb3rops/status/1223605494432043008 https://twitter.com/cyb3rops/status/1223572452233699329 https://twitter.com/cyb3rops/status/1223553890047746048 https://twitter.com/cyb3rops/status/1223542761149825024 https://t.co/PID50aoNf5 https://imgur.com/gallery/AlCZXEi https://twitter.com/cyb3rops/status/1223529571573735425 https://t.co/41s0R1L65c https://pastebin.com/kdcRZ4xR https://twitter.com/cyb3rops/status/1223248099323367424 https://twitter.com/cyb3rops/status/1223242345862389765 https://t.co/j2bBHaSqEP https://www.welivesecurity.com/2020/01/31/winnti-group-targeting-universities-hong-kong/ https://twitter.com/cyb3rops/status/1223233821975416834 https://twitter.com/cyb3rops/status/1223148923973447680 https://t.co/HVMK0PDqE6 https://t.co/3WZnJIRDfX 
https://www.tagesschau.de/investigativ/ndr/hackerangriff-chemieunternehmen-101.html https://www.virustotal.com/gui/file/df6af36626d375c5e8aff45c64bfc1975d753b109e126a6cb30ee0523550329c/detection https://twitter.com/cyb3rops/status/1222948728560144384 https://twitter.com/cyb3rops/status/1222945499281530881 https://twitter.com/cyb3rops/status/1222937568905519105 https://twitter.com/cyb3rops/status/1222936751163002881 https://twitter.com/cyb3rops/status/1222932854105169921 https://t.co/fVkHqPINzU https://t.co/PPpjZA8evd https://github.com/Neo23x0/sigma/wiki/Rule-Creation-Guide https://github.com/Neo23x0/sigma/pull/604 https://twitter.com/cyb3rops/status/1222924151154970626 https://t.co/bQRma8C4tp https://t.co/8m5SY95ar0 https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_susp_svchost.yml https://twitter.com/ReaQta/status/1222548288731217921 https://twitter.com/cyb3rops/status/1222538344695050241 https://t.co/NLFmiEVwO7 https://t.co/DZIu5OMQfY https://t.co/CvkmPKTLIM https://gist.github.com/Neo23x0/6af876ee72b51676c82a2db8d2cd3639 https://github.com/Neo23x0/signature-base/blob/master/yara/gen_powershell_susp.yar#L204 https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_powershell_frombase64string.yml https://twitter.com/cyb3rops/status/1222530229337559040 https://twitter.com/cyb3rops/status/1222507469370462208 https://twitter.com/cyb3rops/status/1222497686454140928 https://t.co/BujlhFmpx1 https://app.any.run/tasks/76d809d6-fd96-4b0a-a816-9c5fca76dd8b https://twitter.com/cyb3rops/status/1222462010098638849 https://twitter.com/cyb3rops/status/1222419378383261696 https://t.co/PiJfDvREvR https://uncoder.io/ https://twitter.com/cyb3rops/status/1222106299946733569 https://t.co/m3Gb9Juw3O https://t.co/7sv48Cbvbe https://t.co/93wBZtisOG https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_susp_dctask64_proc_inject.yml 
https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_susp_renamed_dctask64.yml https://twitter.com/gN3mes1s/status/1222088214581825540 https://twitter.com/cyb3rops/status/1222101886200877057 https://twitter.com/cyb3rops/status/1222101603500679169 https://twitter.com/cyb3rops/status/1222100055781511170 https://twitter.com/cyb3rops/status/1222099408231305216 https://twitter.com/cyb3rops/status/1222097745101709312 https://twitter.com/cyb3rops/status/1222055416714141696 https://twitter.com/cyb3rops/status/1222053304416505856 https://twitter.com/cyb3rops/status/1221838428519747584 https://twitter.com/cyb3rops/status/1221833314069250051 https://t.co/0t83fQheee https://www.reuters.com/article/us-cyber-attack-hijack-exclusive/exclusive-hackers-acting-in-turkeys-interests-believed-to-be-behind-recent-cyberattacks-sources-idUSKBN1ZQ10X https://twitter.com/cyb3rops/status/1221788935782895616 https://twitter.com/cyb3rops/status/1221774573462487040 https://twitter.com/cyb3rops/status/1221763541411291137 https://t.co/rJvx5fX6z9 https://www.nextron-systems.com/2019/10/04/antivirus-event-analysis-cheat-sheet-v1-7-2/ https://twitter.com/cyb3rops/status/1221752036460584961 https://twitter.com/cyb3rops/status/1221747528355532805 https://twitter.com/cyb3rops/status/1221738375998328832 https://twitter.com/cyb3rops/status/1221737802112675842 https://t.co/sRF2MylNah https://github.com/Neo23x0/auditd https://twitter.com/cyb3rops/status/1221737046261272579 https://twitter.com/cyb3rops/status/1221733335044628480 https://twitter.com/cyb3rops/status/1221731367777644550 https://twitter.com/cyb3rops/status/1221712668442185728 https://twitter.com/cyb3rops/status/1221712167369572352 https://twitter.com/cyb3rops/status/1221711325228756992 https://t.co/qVoDGspn1L https://www.infoblox.com/dns-security-resource-center/dns-security-solutions/dns-security-solutions-query-logging-reporting/ https://twitter.com/cyb3rops/status/1221710246806282240 
https://twitter.com/cyb3rops/status/1221709220720074752 https://twitter.com/cyb3rops/status/1221708563111956480 https://twitter.com/cyb3rops/status/1221708046604349440 https://twitter.com/cyb3rops/status/1221707153939091457 https://twitter.com/cyb3rops/status/1221705918620094464 https://twitter.com/cyb3rops/status/1221703710847512576 https://twitter.com/cyb3rops/status/1221702412274151425 https://twitter.com/cyb3rops/status/1221702139480768512 https://t.co/gmYnqz6JP1 https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon https://twitter.com/cyb3rops/status/1221580082667499522 https://twitter.com/cyb3rops/status/1221217564241596419 https://twitter.com/cyb3rops/status/1221212357432676359 https://t.co/mTf7NCYivi https://twitter.com/drdenagrayson/status/1220856786602930177?s=21 https://twitter.com/cyb3rops/status/1221146317684137986 https://twitter.com/cyb3rops/status/1221101411095785472 https://twitter.com/cyb3rops/status/1221099230074494977 https://t.co/f6vTgrauA6 https://t.co/hFOXI2ZYRN https://www.nature.com/news/inside-the-chinese-lab-poised-to-study-world-s-most-dangerous-pathogens-1.21487 https://www.cbc.ca/news/canada/manitoba/chinese-researcher-escorted-from-infectious-disease-lab-amid-rcmp-investigation-1.5211567 https://twitter.com/cyb3rops/status/1221098645967327234 https://twitter.com/cyb3rops/status/1221098489184243713 https://t.co/f6vTgrauA6 https://www.nature.com/news/inside-the-chinese-lab-poised-to-study-world-s-most-dangerous-pathogens-1.21487 https://twitter.com/cyb3rops/status/1221096062091517958 https://t.co/FBETbbhhIT https://www.hindustantimes.com/world-news/a-high-security-lab-in-ground-zero-wuhan-could-hold-key-to-cure-coronavirus/story-bHKGXxL03ZAxNrGmownyzM.html https://twitter.com/cyb3rops/status/1221086149449568259 https://t.co/fPaPmHcVXf https://t.co/hFOXI2ZYRN https://t.co/fPe2g2WRAR https://www.washingtontimes.com/news/2020/jan/24/virus-hit-wuhan-has-two-laboratories-linked-chines/ 
https://www.cbc.ca/news/canada/manitoba/chinese-researcher-escorted-from-infectious-disease-lab-amid-rcmp-investigation-1.5211567 https://twitter.com/VirusintheWorld/status/1220656536768434177 https://twitter.com/cyb3rops/status/1221011151783452678 https://twitter.com/cyb3rops/status/1221007978037436416 https://twitter.com/cyb3rops/status/1221007273797070850 https://twitter.com/cyb3rops/status/1221005325031047168 https://twitter.com/cyb3rops/status/1221004692949434369 https://twitter.com/cyb3rops/status/1220999030488150016 https://t.co/beH9UMXxS3 https://www.youtube.com/watch?v=92sXWVxRr0g https://twitter.com/cyb3rops/status/1220970583917318144 https://twitter.com/cyb3rops/status/1220731638847606786 https://t.co/QRWRrgaVxt https://t.co/r39Qs0NwCq https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_rdp_hijack_shadowing.yml https://twitter.com/kmkz_security/status/1220694202301976576 https://twitter.com/cyb3rops/status/1220717928808681480 https://t.co/xfeO6wTgmp https://t.co/ENtItkIEgB https://t.co/lIRylorGPh https://t.co/6g5vSKRiUZ https://unit42.paloaltonetworks.com/the-fractured-statue-campaign-u-s-government-targeted-in-spear-phishing-attacks/ https://app.any.run/tasks/c280a6d5-d257-448d-9df2-d2205e677e37/ https://github.com/Neo23x0/signature-base/blob/master/yara/thor_inverse_matches.yar#L431 https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_renamed_binary.yml https://twitter.com/cyb3rops/status/1220711767371919361 https://t.co/jkGVUXuPkw https://twitter.com/dmargaritis/status/1220687518171127809 https://twitter.com/cyb3rops/status/1220705490327437313 https://t.co/yNiUCMFLbr https://twitter.com/thor_scanner/status/1220703842561642497 https://twitter.com/cyb3rops/status/1220619201020338176 https://t.co/6GTnPwnPat https://t.co/gDv1fwfnd5 https://github.com/ollypwn/BlueGate https://github.com/MalwareTech/RDGScanner https://twitter.com/cyb3rops/status/1220385449644101641 https://t.co/WazjJkHr69 
https://twitter.com/vvalien1/status/1220376167859081218 https://twitter.com/cyb3rops/status/1220369146577326080 https://twitter.com/cyb3rops/status/1220362128273657856 https://twitter.com/cyb3rops/status/1220354269494333440 https://twitter.com/cyb3rops/status/1220350624589647873 https://twitter.com/cyb3rops/status/1220067038934327297 https://twitter.com/cyb3rops/status/1219972501402542080 https://t.co/pZfTNUoqfI https://t.co/HnVaH07D19 https://jsac.jpcert.or.jp/archive/2020/pdf/JSAC2020_8_koike-nakajima_jp.pdf https://nao-sec.org/jsac2020_ioc.html https://twitter.com/cyb3rops/status/1219886788573044736 https://t.co/cRu8knf9Qq https://t.co/cbnKc5X2TK https://twitter.com/cyb3rops/status/1219162434700746753?s=21 https://twitter.com/cyb3rops/status/1219162434700746753 https://twitter.com/cyb3rops/status/1219506666875576320 https://twitter.com/cyb3rops/status/1219311285352960002 https://twitter.com/cyb3rops/status/1219215130568818688 https://twitter.com/cyb3rops/status/1219170856452218881 https://twitter.com/cyb3rops/status/1219162434700746753 https://t.co/XvWlGAyfdl https://github.com/x1sec/CVE-2019-19781/blob/master/CVE-2019-19781-DFIR.md https://twitter.com/cyb3rops/status/1218465561979564032 https://t.co/A8K504A834 https://www.kryptoslogic.com/blog/2020/01/rdp-to-rce-when-fragmentation-goes-wrong/ https://twitter.com/cyb3rops/status/1218197340122730497 https://twitter.com/cyb3rops/status/1218168737666387970 https://twitter.com/cyb3rops/status/1218157077065019394 https://twitter.com/cyb3rops/status/1218074922683072512 https://t.co/zPmyS1U7fG https://www.fireeye.com/blog/threat-research/2020/01/vigilante-deploying-mitigation-for-citrix-netscaler-vulnerability-while-maintaining-backdoor.html https://twitter.com/cyb3rops/status/1218069028419272704 https://twitter.com/cyb3rops/status/1217941697889558529 https://twitter.com/cyb3rops/status/1217931182710628355 https://twitter.com/cyb3rops/status/1217930381623689218 https://twitter.com/cyb3rops/status/1217843888628674560 
https://t.co/N3BI2X0Kx0 https://www.virustotal.com/gui/search/%2523cve%2520%2523signed/comments https://twitter.com/cyb3rops/status/1217842061531066369 https://twitter.com/cyb3rops/status/1217837117897871360 https://twitter.com/cyb3rops/status/1217836416203403267 https://t.co/tfGH1PPYzE https://t.co/Zfj4RtZz6M https://t.co/qWtnZtObc4 https://t.co/EXX6bgkKju https://www.virustotal.com/gui/file/112433fd355b9c3e608cd11ae0b5866895f581b4ba2f17d5a42a75f10155e28f/detection https://www.virustotal.com/gui/file/42b5769388b04edd7c1ca0bb8dfd19b47d1e6c961dcaf1287968542b30b7f225/detection https://www.virustotal.com/gui/file/5a60606c99d48cbcdf3bef36c593ec06ec08cd5026fcb4310d6ea2fc77a3374f/detection https://www.virustotal.com/gui/file/d6ab910259c9bc68196aeec3e9ff4864bada22738c02ecf5ada7912ced292d28/details https://twitter.com/cyb3rops/status/1217833171896688641 https://twitter.com/cyb3rops/status/1217819619928485889 https://twitter.com/cyb3rops/status/1217802927257128961 https://twitter.com/cyb3rops/status/1217799210747252737 https://t.co/4GL6lvEBbU https://t.co/yggvpAy9ce https://cse.google.com/cse?cx=003248445720253387346:turlh5vi4xc https://gist.github.com/Neo23x0/c4f40629342769ad0a8f3980942e21d3 https://twitter.com/cyb3rops/status/1217794101988528130 https://t.co/glOPNnqdOY https://t.co/WFqASX4Sdn https://www.virustotal.com/gui/file/b2ef6d2d005b9442447e2f07a0a0e5f9d4b32a4e066a94015fd9930f752a7477/details https://www.virustotal.com/gui/file/584886c3382d66b77f1123f6ce02cbbf88ccc35b402fc7a8f497d581be0d17ad/detection https://twitter.com/cyb3rops/status/1217766193592963073 https://twitter.com/cyb3rops/status/1217763548056649728 https://t.co/OVbd2l4unf https://srcincite.io/blog/2020/01/14/busting-ciscos-beans-hardcoding-your-way-to-hell.html https://twitter.com/cyb3rops/status/1217725443756961792 https://t.co/YClUYpQ9v2 https://www.virustotal.com/gui/file/95597ed5ed579d4fe1e9a2177c29178038e4f837998bc058c94ede6ec55b7547/details https://twitter.com/cyb3rops/status/1217547073203077121 
https://twitter.com/cyb3rops/status/1217545671424847874 https://t.co/3afXHOfn5b https://t.co/vziOfRDXQl https://twitter.com/mattifestation/status/1217179698008068096 https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_audit_cve.yml https://twitter.com/cyb3rops/status/1217437331009015808 https://t.co/xrNgz2SBfX http://gist.github.com https://twitter.com/cyb3rops/status/1217357206145900544 https://twitter.com/cyb3rops/status/1217357135069294592 https://twitter.com/cyb3rops/status/1217176655141179394 https://t.co/V5gFt7FCdh https://www.fireeye.com/blog/products-and-services/2020/01/rough-patch-promise-it-will-be-200-ok.html https://twitter.com/cyb3rops/status/1217087056373080064 https://twitter.com/cyb3rops/status/1217070953685049346 https://twitter.com/cyb3rops/status/1217036545301123072 https://t.co/zqfpvyDpp2 https://twitter.com/thor_scanner/status/1217036041904959488 https://twitter.com/cyb3rops/status/1216987366679830533 https://twitter.com/cyb3rops/status/1216984432990720000 https://t.co/uaWAq8rQ8Q https://twitter.com/bad_packets/status/1216635462011351040 https://twitter.com/cyb3rops/status/1216786174104260608 https://twitter.com/cyb3rops/status/1216752312305225732 https://t.co/lNIdCjTkiE https://twitter.com/SWRdata/status/1216747274681929733 https://twitter.com/cyb3rops/status/1216714840938549248 https://t.co/dSfbNB91eU https://t.co/tPNPtNkrKP https://t.co/6zCM5kTtIs https://t.co/538dA6HaJM https://t.co/aETotoSY17 https://t.co/XjR6JTQcxm https://t.co/Q2IzgJPSUJ https://t.co/8fwLKhIhPI https://doc.emergingthreats.net/bin/view/Main/2029206 https://github.com/Neo23x0/sigma/blob/master/rules/web/web_citrix_cve_2019_19781_exploit.yml https://github.com/Neo23x0/signature-base/blob/master/yara/exploit_shitrix.yar https://otx.alienvault.com/pulse/5e1c293e07c770f36d232489 https://github.com/cyberstruggle/DeltaGroup/blob/master/CVE-2019-19781/CVE-2019-19781.nse 
https://github.com/rapid7/metasploit-framework/blob/a64b0fa9e75befc3ffdb6129e88a6f6dd4c31208/modules/exploits/unix/webapp/citrix_dir_trasversal_rce.rb https://github.com/MalwareTech/CitrixHoneypot https://twitter.com/cyb3rops/status/1216310642552049666 https://twitter.com/cyb3rops/status/1216689347187089409 https://t.co/6zCM5kTtIs https://github.com/Neo23x0/signature-base/blob/master/yara/exploit_shitrix.yar https://twitter.com/cyb3rops/status/1216670380011769856 https://twitter.com/cyb3rops/status/1216651379948826624 https://t.co/UG7tfJHrP1 https://en.wikipedia.org/wiki/The_dress https://twitter.com/cyb3rops/status/1216643587305328640 https://twitter.com/cyb3rops/status/1216642819118510081 https://t.co/SxZKheXRQe https://isc.sans.edu/forums/diary/Citrix+ADC+Exploits+Overview+of+Observed+Payloads/25704/ https://twitter.com/cyb3rops/status/1216486695253762048 https://t.co/agUIy1qg83 https://www.fireeye.com/blog/threat-research/2014/01/tracking-malware-import-hashing.html https://twitter.com/cyb3rops/status/1216447567334191105 https://twitter.com/cyb3rops/status/1216439923173142528 https://twitter.com/cyb3rops/status/1216405920357416965 https://twitter.com/cyb3rops/status/1216311009880760321 https://twitter.com/cyb3rops/status/1216310642552049666 https://t.co/TLpr9eGtTu https://www.trustedsec.com/blog/netscaler-remote-code-execution-forensics/ https://twitter.com/cyb3rops/status/1216302717020397569 https://twitter.com/cyb3rops/status/1216292546709684225 https://t.co/pdBYctvFIV https://www.tripwire.com/state-of-security/vert/citrix-netscaler-cve-2019-19781-what-you-need-to-know/ https://twitter.com/cyb3rops/status/1216290905906450432 https://t.co/qmowSQ1sTy https://www.reddit.com/r/blueteamsec/comments/en4m7j/multiple_exploits_for_cve201919781_citrix/ https://twitter.com/cyb3rops/status/1216282687973076992 https://twitter.com/cyb3rops/status/1216279017097134082 https://twitter.com/cyb3rops/status/1216273162750611457 
https://twitter.com/cyb3rops/status/1216271668823437312 https://twitter.com/cyb3rops/status/1216008398073778176 https://twitter.com/cyb3rops/status/1216007215326339078 https://twitter.com/cyb3rops/status/1216002731678281728 https://twitter.com/cyb3rops/status/1216001718711996416 https://t.co/2det5naUwp https://twitter.com/cyb3rops/status/1215920341928890368 https://twitter.com/cyb3rops/status/1216001170826809349 https://twitter.com/cyb3rops/status/1215999468837003264 https://twitter.com/cyb3rops/status/1215999411798585356 https://twitter.com/cyb3rops/status/1215996968314527744 https://twitter.com/cyb3rops/status/1215996794028658688 https://twitter.com/cyb3rops/status/1215996442327900160 https://twitter.com/cyb3rops/status/1215996242247012352 https://t.co/bmsQLW86N2 https://github.com/projectzeroindia/CVE-2019-11510/pull/1 https://twitter.com/cyb3rops/status/1215993961531265024 https://twitter.com/cyb3rops/status/1215991145723056128 https://twitter.com/cyb3rops/status/1215990065878441984 https://twitter.com/cyb3rops/status/1215988652406398976 https://twitter.com/cyb3rops/status/1215987350339301376 https://twitter.com/cyb3rops/status/1215985629777014785 https://twitter.com/cyb3rops/status/1215985116662632448 https://twitter.com/cyb3rops/status/1215979492109438976 https://twitter.com/cyb3rops/status/1215974764227039238 https://twitter.com/cyb3rops/status/1215925348875087874 https://twitter.com/cyb3rops/status/1215922784255332352 https://twitter.com/cyb3rops/status/1215921087789391872 https://twitter.com/cyb3rops/status/1215920341928890368 https://t.co/S0l33AQ5F6 https://t.co/TLpr9eGtTu https://github.com/Neo23x0/Fenrir/tree/netscaler https://www.trustedsec.com/blog/netscaler-remote-code-execution-forensics/ https://twitter.com/cyb3rops/status/1215917627467534336 https://twitter.com/cyb3rops/status/1215911796109955072 https://twitter.com/cyb3rops/status/1215911397487513601 https://twitter.com/cyb3rops/status/1215910818224771072 https://t.co/TEmjrUb7ek 
https://t.co/85Nj1Hfzd0 https://twitter.com/cyb3rops/status/1007243153970167808?s=21 https://twitter.com/cyb3rops/status/1007243153970167808 https://twitter.com/cyb3rops/status/1215647660830527490 https://twitter.com/cyb3rops/status/1215616335046152192 https://twitter.com/cyb3rops/status/1215611646439194624 https://twitter.com/cyb3rops/status/1215608313699762176 https://twitter.com/cyb3rops/status/1215574642267688961 https://twitter.com/cyb3rops/status/1215572335572463616 https://twitter.com/cyb3rops/status/1215564785712017410 https://t.co/RnCQ8CTeWU https://t.co/Z1DAqP0xcx https://www.virustotal.com/gui/file/0b74fc2594b25987841a7897aff323f4165519e6c26d679256cb0d282a6f0147/details https://securelist.com/project-tajmahal/90240/ https://twitter.com/cyb3rops/status/1215546559275982848 https://t.co/lE9lElEeFv https://medium.com/chronicle-blog/who-is-gossipgirl-3b4170f846c0 https://twitter.com/cyb3rops/status/1215539721423683584 https://twitter.com/cyb3rops/status/1215538337802522626 https://twitter.com/cyb3rops/status/1215411889531998208 https://twitter.com/cyb3rops/status/1215395169551421442 https://t.co/TluRsTWGuK https://www.amazon.de/dp/0770436196/ref=cm_sw_r_cp_api_i_9r6fEbAC6D70E https://twitter.com/cyb3rops/status/1215273597683601410 https://twitter.com/cyb3rops/status/1215270770651385858 https://twitter.com/cyb3rops/status/1215265148115529728 https://twitter.com/cyb3rops/status/1215264074617016324 https://twitter.com/cyb3rops/status/1215261019318169600 https://twitter.com/cyb3rops/status/1215259847589007361 https://twitter.com/cyb3rops/status/1215257984718245888 https://twitter.com/cyb3rops/status/1215239458892734465 https://twitter.com/cyb3rops/status/1215237985630937094 https://t.co/pdBYctvFIV https://www.tripwire.com/state-of-security/vert/citrix-netscaler-cve-2019-19781-what-you-need-to-know/ https://twitter.com/cyb3rops/status/1215169266313506817 https://twitter.com/cyb3rops/status/1214968010026504192 https://twitter.com/cyb3rops/status/1214959468750024704 
https://twitter.com/cyb3rops/status/1214862452770390016 https://twitter.com/cyb3rops/status/1214858396484210689 https://twitter.com/cyb3rops/status/1214857510131240960 https://twitter.com/cyb3rops/status/1214845082693767168 https://twitter.com/cyb3rops/status/1214544429232656384 https://t.co/l33ACeeZ9c https://undocumentedadm.in/ https://twitter.com/cyb3rops/status/1214544173526913024 https://twitter.com/cyb3rops/status/1214540479192281088 https://t.co/Xx74ERxXoT https://isc.sans.edu/diary/25686 https://twitter.com/cyb3rops/status/1214537904720142337 https://twitter.com/cyb3rops/status/1214534129569718273 https://twitter.com/cyb3rops/status/1214532998256844801 https://twitter.com/cyb3rops/status/1214517660542734343 https://twitter.com/cyb3rops/status/1214507490945224704 https://t.co/tPNPtNkrKP https://t.co/RaPakqnYdv https://github.com/Neo23x0/sigma/blob/master/rules/web/web_citrix_cve_2019_19781_exploit.yml https://support.citrix.com/article/CTX267679 https://twitter.com/cyb3rops/status/1214506362857758720 https://twitter.com/cyb3rops/status/1213054359933730816 https://t.co/mzMvy78u7g https://medium.com/@billmarczak/how-tahnoon-bin-zayed-hid-totok-in-plain-sight-group-42-breej-4e6c06c93ba6 https://twitter.com/cyb3rops/status/1213034447194460160 https://twitter.com/cyb3rops/status/1213034211000672257 https://twitter.com/cyb3rops/status/1213031988321501185 https://t.co/afbZcUOv8k https://twitter.com/opexxx/status/1212535072785612801 https://twitter.com/cyb3rops/status/1212648621147066370 https://t.co/y3QA55XroN https://twitter.com/mikko/status/1212453367617851392 https://twitter.com/cyb3rops/status/1211953700786319365 https://twitter.com/cyb3rops/status/1211951308242063360 https://t.co/Uosd63uH9t https://www.anomali.com/blog/china-based-apt-mustang-panda-targets-minority-groups-public-and-private-sector-organizations https://twitter.com/cyb3rops/status/1211950653481861121 https://t.co/5oljioi2Pz 
https://github.com/Neo23x0/signature-base/blob/master/iocs/filename-iocs.txt#L3194 https://twitter.com/cyb3rops/status/1211948962908954625 https://twitter.com/cyb3rops/status/1211942346075586560 https://twitter.com/cyb3rops/status/1211941950846312448 https://t.co/eYf3G2p92W https://www.wilbursecurity.com/2019/12/from-zero-to-lateral-movement-in-36-minutes/ https://twitter.com/cyb3rops/status/1211918386663481345 https://t.co/mEDfe3imeI https://www.wsj.com/articles/ghosts-in-the-clouds-inside-chinas-major-corporate-hack-11577729061 https://twitter.com/cyb3rops/status/1211695147223830529 https://twitter.com/cyb3rops/status/1211677797124628480 https://twitter.com/cyb3rops/status/1211643572405112833 https://twitter.com/cyb3rops/status/1211594560645877760 https://t.co/AgcRuwBRvA https://lmgtfy.com/?q=8.t+rtf https://twitter.com/cyb3rops/status/1211590310570188801 https://twitter.com/cyb3rops/status/1211562552200708096 https://t.co/IJ9PBl2kU4 https://t.co/z31Xwi7HOp https://app.any.run/tasks/f76dc131-6e4b-4f89-bafb-1b01c53572d3 
https://gchq.github.io/CyberChef/#recipe=From_Hex('Auto')XOR(%7B'option':'Hex','string':''%7D,'Standard',false)&input=QjIgNUEgNkYgMDAgRkMgMDAgRkYgMDAgRkIgMDAgRkYgMDAgMDAgRkYgRkYgMDAKNDcgMDAgRkYgMDAgRkYgMDAgRkYgMDAgQkYgMDAgRkYgMDAgRkYgMDAgRkYgMDAKRkYgMDAgRkYgMDAgRkYgMDAgRkYgMDAgRkYgMDAgRkYgMDAgRkYgMDAgRkYgMDAKRkYgMDAgRkYgMDAgRkYgMDAgRkYgMDAgRkYgMDAgRkYgMDAgMDcgMDAgRkYgMDAKRjEgMUYgNDUgMEUgRkYgQjQgRjYgQ0QgREUgQjggRkUgNEMgMzIgMjEgQUIgNjgKOTYgNzMgREYgNzAgOEQgNkYgOTggNzIgOUUgNkQgREYgNjMgOUUgNkUgOTEgNkYKOEIgMjAgOUQgNjUgREYgNzIgOEEgNkUgREYgNjkgOTEgMjAgQkIgNEYgQUMgMjAKOTIgNkYgOUIgNjUgRDEgMEQgRjIgMEEgREIgMDAgRkYgMDAgRkYgMDAgRkYgMDAKRTYgOTMgOTggRDYgQTIgRjIgRjYgODUgQTIgRjIgRjYgODUgQTIgRjIgRjYgODUKRTQgQTMgMTcgODUgQkYgRjIgRjYgODUgRTQgQTMgMjkgODUgQUQgRjIgRjYgODUKRTQgQTMgMTYgODUgQzggRjIgRjYgODUgN0YgMEQgM0QgODUgQTEgRjIgRjYgODUKQTIgRjIgRjcgODUgRjAgRjIgRjYgODUgQUYgQTAgMTMgODUgQTEgRjIgRjYgODUKQUYgQTAgMkEgODUgQTMgRjIgRjYgODUgQUYgQTAgMkQgODUgQTMgRjIgRjYgODUKQUYgQTAgMjggODUgQTMgRjIgRjYgODUgQUQgNjkgOUMgNjggQTIgRjIgRjYgODUKRkYgMDAgRkYgMDAgRkYgMDAgRkYgMDAgRkYgMDAgRkYgMDAgRkYgMDAgRkYgMDAKRkYgMDAgRkYgMDAgRkYgMDAgRkYgMDAgQUYgNDUgRkYgMDAgQjMgMDEgRjkgMDAKQUMgNUIgQUQgNUQgRkYgMDAgRkYgMDAgRkYgMDAgRkYgMDAgMUYgMDAgRkQgMjEKRjQgMDEgRjMgMDAgRkYgQzQgRkYgMDAgRkYgOTIgRkYgMDAgRkYgMDAgRkYgMDAKMEEgMjEgRkYgMDAgRkYgMTAgRkYgMDAgRkYgRTAgRkYgMDAgRkYgMDAgRkYgMTAKRkYgMTAgRkYgMDAgRkYgMDIgRkYgMDAgRjkgMDAgRkYgMDAgRkYgMDAgRkYgMDAKRjkgMDAgRkYgMDAgRkYgMDAgRkYgMDAgRkYgNzAgRkIgMDAgRkYgMDQgRkYgMDAKRkYgMDAgRkYgMDAgRkQgMDAgQkYgMDEgRkYgMDAgRUYgMDAgRkYgMTAgRkYgMDAKRkYgMDAgRUYgMDAgRkYgMTAgRkYgMDAgRkYgMDAgRkYgMDAgRUYgMDAgRkYgMDAKOEYgMkIgRkUgMDAgQTggMDAgRkYgMDAgMzcgMkIgRkUgMDAgRDcgMDAgRkYgMDAKRkYgNzAgRkUgMDAgMUYgMDEgRkYgMDAgRkYgMDAgRkYgMDAgRkYgMDAgRkYgMDAK https://twitter.com/cyb3rops/status/1211324281667424261 https://twitter.com/cyb3rops/status/1210997755474255872 https://twitter.com/cyb3rops/status/1210994596047667200 https://t.co/rl9nkwQfB3 
https://chrome.google.com/webstore/detail/dark-reader/eimadpbcbfnmbkopoojfekhnkhdbieeh?hl=en https://twitter.com/cyb3rops/status/1210993106528722945 https://t.co/z6H3imyPFy https://coggle.it/ https://twitter.com/cyb3rops/status/1210992711903383554 https://twitter.com/cyb3rops/status/1210969390130384901 https://t.co/JrAEHv9U4c https://www.virustotal.com/gui/file/95330b49654d8411106a7687607e6d813201d4f22b108512787390bf67b25ec8/detection https://twitter.com/cyb3rops/status/1210920419856977922 https://twitter.com/cyb3rops/status/1210920329381588992 https://twitter.com/cyb3rops/status/1210915148434747392 https://twitter.com/cyb3rops/status/1210914418458079232 https://twitter.com/cyb3rops/status/1210911949757792256 https://t.co/1uznt1svHL https://t.co/Ybt4Ekg2Te https://t.co/AtC8UkK9x3 https://t.co/VQD6RI1kjL https://www.virustotal.com/gui/file/56ff2cf2f68cd3d878a914ae91e52e320c8ec53a6ad9dcb3c314e1a8f877b995/detection https://beta.virusbay.io/sample/browse/db3bcfe173fce536f0f1ecd77ba3f36c https://www.scmp.com/news/china/diplomacy-defence/article/2142863/china-hackers-accused-attacking-japanese-defence-firms https://gchq.github.io/CyberChef/#recipe=From_Hex('Auto')XOR_Brute_Force(1,100,0,'Standard',false,true,false,'')&input=M0UgMkYgOEEgM0UgMzAgODQgMzkgRkQgMTEgODggMzEgN0MgRkQgMTEgNjQgNTgKNTkgNDMgMTAgNDAgNDIgNUYgNTcgNDIgNTEgNUQgMTAgNTMgNTEgNUUgNUUgNUYKNDQgMTAgNTIgNTUgMTAgNDIgNDUgNUUgMTAgNTkgNUUgMTAgNzQgN0YgNjMgMTAKNUQgNUYgNTQgNTUgMUUgM0QgM0QgM0EgMTQgMzAgMzAgMzAgMzAgMzAgMzAgMzAKNjggRDUgNzcgMDUgMkMgQjQgMTkgNTYgMkMgQjQgMTkgNTYgMkMgQjQgMTkgNTYKQkYgRkEgODEgNTYgMjkgQjQgMTkgNTYgNDMgQzIgODcgNTYgMzUgQjQgMTkgNTYKMjUgQ0MgOEEgNTYgMzcgQjQgMTkgNTYgMkMgQjQgMTggNTYgRTggQjQgMTkgNTYKNDMgQzIgQjIgNTYgN0EgQjQgMTkgNTYgNDMgQzIgQjMgNTYgOEYgQjQgMTkgNTYKNDMgQzIgODIgNTYgMkQgQjQgMTkgNTYgNDMgQzIgODMgNTYgMkQgQjQgMTkgNTYKNDMgQzIK https://twitter.com/cyb3rops/status/1209825426421538817 https://twitter.com/cyb3rops/status/1209824328294043649 https://twitter.com/cyb3rops/status/1209080407699939328 
https://twitter.com/cyb3rops/status/1209003770673352704 https://twitter.com/cyb3rops/status/1208877207130722309 https://twitter.com/cyb3rops/status/1208820041954795522 https://twitter.com/cyb3rops/status/1208815851551547393 https://t.co/SHTTf0ZlMC https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_susp_whoami_localsystem.yml https://twitter.com/cyb3rops/status/1208813967671463936 https://t.co/kyLMjdyPDR https://gist.github.com/Neo23x0/811db09add59068a7a80273d7e5f6e0f https://twitter.com/cyb3rops/status/1208654338752729088 https://t.co/Hi3P7QhTgB https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_hktl_createminidump.yml https://twitter.com/cyb3rops/status/1208495427789770753 https://t.co/kwqCnboO9q https://github.com/Neo23x0/signature-base/blob/master/yara/gen_vhd_anomaly.yar https://twitter.com/cyb3rops/status/1208370093513687040 https://t.co/iq12olkddY https://medium.com/mitre-attack/automating-mapping-to-attack-tram-1bb1b44bda76 https://twitter.com/cyb3rops/status/1208368539868028929 https://twitter.com/cyb3rops/status/1208345226982629376 https://twitter.com/cyb3rops/status/1208344333809848321 https://twitter.com/cyb3rops/status/1208342591051309057 https://twitter.com/cyb3rops/status/1208340267687919616 https://twitter.com/cyb3rops/status/1208329931995918336 https://twitter.com/cyb3rops/status/1208317288820199425 https://twitter.com/cyb3rops/status/1208313992806064128 https://twitter.com/cyb3rops/status/1208285311027077120 https://twitter.com/cyb3rops/status/1208154377489395712 https://t.co/X5lUQFI47D https://t.co/0cwq8gH6CX https://github.com/Neo23x0/sigma/pull/566 https://mitre-attack.github.io/attack-navigator/enterprise/ https://twitter.com/cyb3rops/status/1208059710798225409 https://twitter.com/cyb3rops/status/1208039647911333888 https://twitter.com/cyb3rops/status/1208034002239729664 https://t.co/kfR8LUZGbZ 
https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_hack_bloodhound.yml https://twitter.com/cyb3rops/status/1207075900199714817 https://twitter.com/cyb3rops/status/1206966456522596354 https://t.co/Slw4ZDWQkx https://github.com/Neo23x0/sigma/search?q=%22and+not+filter%22&unscoped_q=%22and+not+filter%22 https://twitter.com/cyb3rops/status/1206949341195317249 https://twitter.com/cyb3rops/status/1206947280303079424 https://t.co/YHCzMRT1nf https://t.co/2ge2TJnjA5 https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_susp_csc_folder.yml https://blog.didierstevens.com/2010/09/07/integrity-levels-and-dll-injection/ https://twitter.com/cyb3rops/status/1206941122230194177 https://twitter.com/cyb3rops/status/1206936652024864769 https://twitter.com/cyb3rops/status/1206934491266191361 https://t.co/YHCzMRT1nf https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_susp_csc_folder.yml https://twitter.com/cyb3rops/status/1206933554028003328 https://twitter.com/cyb3rops/status/1206932150236434432 https://twitter.com/cyb3rops/status/1206915848876765185 https://t.co/3Y1Yo2ctSq https://t.co/VIbo4ARbtC https://twitter.com/RedDrip7/status/1206898954383740929 https://app.any.run/tasks/0a343437-7874-45d8-8c9a-e85729be14e5 https://twitter.com/cyb3rops/status/1206877588775460864 https://twitter.com/cyb3rops/status/1206876567785394176 https://twitter.com/cyb3rops/status/1206875729461424128 https://twitter.com/cyb3rops/status/1206648472490954756 https://twitter.com/cyb3rops/status/1206643370019508227 https://t.co/FNr41arefu https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_susp_powershell_enc_cmd.yml https://twitter.com/cyb3rops/status/1206640690614165504 https://twitter.com/cyb3rops/status/1206628304712818689 https://twitter.com/cyb3rops/status/1206627571208724480 https://twitter.com/cyb3rops/status/1206627142035017728 https://t.co/fErA44AEhq 
https://github.com/Neo23x0/signature-base/blob/master/yara/gen_rar_exfil.yar https://twitter.com/cyb3rops/status/1206626952334979077 https://twitter.com/cyb3rops/status/1206626777944252416 https://twitter.com/cyb3rops/status/1206619037528133635 https://twitter.com/cyb3rops/status/1206599250412494848 https://twitter.com/cyb3rops/status/1206580506470440960 https://twitter.com/cyb3rops/status/1206565313124417536 https://twitter.com/cyb3rops/status/1206564383289163776 https://twitter.com/cyb3rops/status/1206564207078072320 https://twitter.com/cyb3rops/status/1206558871222927360 https://twitter.com/cyb3rops/status/1206555670100795392 https://twitter.com/cyb3rops/status/1206553641148129280 https://twitter.com/cyb3rops/status/1206553345550356480 https://twitter.com/cyb3rops/status/1206552443812749312 https://twitter.com/cyb3rops/status/1206551871168618496 https://twitter.com/cyb3rops/status/1206551549696258049 https://twitter.com/cyb3rops/status/1206550267552043009 https://twitter.com/cyb3rops/status/1206548664757497863 https://twitter.com/cyb3rops/status/1206548547266600962 https://twitter.com/cyb3rops/status/1206542552960290816 https://twitter.com/cyb3rops/status/1206536014837223424 https://twitter.com/cyb3rops/status/1206522958015062017 https://twitter.com/cyb3rops/status/1206484625998172160 https://t.co/b8mUHYWsiK https://www.youtube.com/watch?v=UnzUViUOTTo https://twitter.com/cyb3rops/status/1205874815074217985 https://t.co/tYx84JWWmK https://twitter.com/maridegrazia/status/1205633101201719296 https://twitter.com/cyb3rops/status/1205797799331336192 https://t.co/vamsgn5W16 https://t.co/uZzlWX2rGu https://github.com/Neo23x0/sigma/pull/554 https://oscd.community/ https://twitter.com/cyb3rops/status/1205768230637383680 https://twitter.com/cyb3rops/status/1205763996147736576 https://t.co/agUIy1qg83 https://www.fireeye.com/blog/threat-research/2014/01/tracking-malware-import-hashing.html https://twitter.com/cyb3rops/status/1205763422387916801 https://t.co/dgmxaegWiM 
https://github.com/Neo23x0/sigma/blob/cf22e9e576e8bfd92e74693dc53fe101b9bb0af1/rules/windows/process_creation/win_renamed_paexec.yml https://twitter.com/cyb3rops/status/1205763011291549697 https://t.co/TUuJhW8KAD https://t.co/SOn5NIbYVc https://github.com/Neo23x0/signature-base/search?utf8=%E2%9C%93&q=imphash&type= https://github.com/Neo23x0/sigma/search?utf8=%E2%9C%93&q=imphash&type= https://twitter.com/cyb3rops/status/1205174897170898944 https://t.co/OUtcJz79zd https://www.microsoft.com/security/blog/2019/12/12/gallium-targeting-global-telecom/ https://twitter.com/cyb3rops/status/1205090828156375040 https://twitter.com/cyb3rops/status/1205089099654279168 https://twitter.com/cyb3rops/status/1205060508107386881 https://t.co/2uXp2cb7Gu https://github.com/Neo23x0/sigma/blob/master/rules/proxy/proxy_ua_suspicious.yml#L27 https://twitter.com/cyb3rops/status/1205053853982449664 https://twitter.com/cyb3rops/status/1205050670048595968 https://twitter.com/cyb3rops/status/1205049902151196672 https://t.co/57LGDzgykp https://github.com/SwiftOnSecurity/sysmon-config/pull/101 https://twitter.com/cyb3rops/status/1204874829108830210 https://twitter.com/cyb3rops/status/1204787211918544896 https://t.co/uoU7Jax1lQ https://labs.sentinelone.com/the-deadly-planeswalker-how-the-trickbot-group-united-high-tech-crimeware-apt/ https://twitter.com/cyb3rops/status/1204711689578598400 https://twitter.com/cyb3rops/status/1204515998495318017 https://twitter.com/cyb3rops/status/1204431674358059009 https://t.co/yndOQbA282 https://twitter.com/cyb3rops/status/1187341941794660354 https://twitter.com/cyb3rops/status/1204409776664240129 https://twitter.com/cyb3rops/status/1204310517688479744 https://twitter.com/cyb3rops/status/1204105030879653894 https://t.co/VS3Ws1w2bX https://www.youtube.com/watch?v=wlJElPA0xqY https://twitter.com/cyb3rops/status/1203683809516048384 https://twitter.com/cyb3rops/status/1203683618587058178 https://t.co/rJvx5fX6z9 https://t.co/VVqnGnteb3 
https://www.nextron-systems.com/2019/10/04/antivirus-event-analysis-cheat-sheet-v1-7-2/ https://github.com/Neo23x0/Loki https://twitter.com/cyb3rops/status/1203454507960717313 https://twitter.com/cyb3rops/status/1202955474716545032 https://t.co/6mPFjFNc55 https://norfolkinfosec.com/jeshell-an-oceanlotus-apt32-backdoor/ https://twitter.com/cyb3rops/status/1202844676254052353 https://twitter.com/cyb3rops/status/1202843110260252672 https://t.co/WPLrqhkkHc https://twitter.com/hatr/status/1202815789570633728 https://twitter.com/cyb3rops/status/1202728043053305857 https://twitter.com/cyb3rops/status/1202618803747733506 https://twitter.com/cyb3rops/status/1202579644836438016 https://t.co/YFcO2Pqj1u https://twitter.com/RedDrip7/status/1202447171666079744 https://twitter.com/cyb3rops/status/1202523280512626688 https://twitter.com/cyb3rops/status/1202500160514928640 https://t.co/ZqNlZZNXJ2 https://t.co/1nUh3VPJk6 https://t.co/cAoAeT0x9h http://Paste.ee https://www.virustotal.com/gui/domain/paste.ee/relations https://github.com/Neo23x0/sigma/blob/master/rules/proxy/proxy_raw_paste_service_access.yml https://twitter.com/cyb3rops/status/1202275363080024064 https://twitter.com/cyb3rops/status/1202274934355091456 https://twitter.com/cyb3rops/status/1202270113648594944 https://twitter.com/cyb3rops/status/1202268508274483201 https://twitter.com/cyb3rops/status/1202258475671261184 https://twitter.com/cyb3rops/status/1202159000772587520 https://twitter.com/cyb3rops/status/1201926422308237312 https://twitter.com/cyb3rops/status/1201895783420833792 https://twitter.com/cyb3rops/status/1201894773478641664 https://twitter.com/cyb3rops/status/1201893721106714624 https://twitter.com/cyb3rops/status/1201888393355026432 https://t.co/sGvzERXDPN https://t.co/G2s6pF2IY8 https://www.microsoft.com/en-us/p/move-mouse/9nq4ql59xlbf https://www.zhornsoftware.co.uk/caffeine/ https://twitter.com/cyb3rops/status/1201837868584443904 https://twitter.com/cyb3rops/status/1201835958854987777 
https://twitter.com/cyb3rops/status/1201536445414072320 https://twitter.com/cyb3rops/status/1201519099672694784 https://t.co/yPkFoXO4R9 https://github.com/Neo23x0/sigma/tree/master/rules/proxy https://twitter.com/cyb3rops/status/1201173697958174720 https://t.co/6CxOp4NMMY https://medium.com/@cyb3rops/an-overlooked-but-intriguing-sigma-use-case-221987f7b588 https://twitter.com/cyb3rops/status/1200825649004498945 https://twitter.com/cyb3rops/status/1200692267461296128 https://t.co/tJgC3YPTaC https://github.com/Neo23x0/sigma/releases https://twitter.com/cyb3rops/status/1200490247710298113 https://t.co/pCbwpoj203 https://github.com/Neo23x0/signature-base/blob/master/yara/apt_grizzlybear_uscert.yar#L909 https://twitter.com/cyb3rops/status/1200438677748498432 https://t.co/0mtqz7MyMu https://www.obdev.at/products/littlesnitch/index.html https://twitter.com/cyb3rops/status/1200323607156658176 https://t.co/54BcIfPFG8 https://t.co/pyNcq1kQll https://nostarch.com/catalog/security https://twitter.com/nostarch/status/1200315966388932609 https://twitter.com/cyb3rops/status/1200303511445131266 https://twitter.com/cyb3rops/status/1200119911592448000 https://twitter.com/cyb3rops/status/1200099318058881024 https://twitter.com/cyb3rops/status/1200098734274752512 https://twitter.com/cyb3rops/status/1200058307412668417 https://twitter.com/cyb3rops/status/1200057499010977794 https://twitter.com/cyb3rops/status/1200034726578442246 https://twitter.com/cyb3rops/status/1199978566982799360 https://twitter.com/cyb3rops/status/1199978327697694720 https://twitter.com/cyb3rops/status/1199953158451138560 https://twitter.com/cyb3rops/status/1199826292943790082 https://twitter.com/cyb3rops/status/1199730236243554305 https://twitter.com/cyb3rops/status/1199692277100285952 https://twitter.com/cyb3rops/status/1199632630398013443 https://twitter.com/cyb3rops/status/1199335346435055616 https://twitter.com/cyb3rops/status/1199218402570752000 https://t.co/ZwOtfExVLK 
https://posts.specterops.io/introducing-the-funnel-of-fidelity-b1bb59b04036 https://twitter.com/cyb3rops/status/1199098028105388032 https://t.co/M72zs066vU https://www.sweetscape.com/010editor/beta/ https://twitter.com/cyb3rops/status/1198903909840015360 https://t.co/Zq6olhJwDh https://github.com/Neo23x0/Loki/issues/137 https://twitter.com/cyb3rops/status/1198656406087450625 https://twitter.com/cyb3rops/status/1198627721343119360 https://twitter.com/cyb3rops/status/1198625333039321088 https://t.co/krolVqvCfT https://youtu.be/ddAtMMDeeq8 https://twitter.com/cyb3rops/status/1198597936185303040 https://t.co/GlsVbmLvjo https://medium.com/@dimitrismargaritis/prevent-legitimate-windows-executables-to-be-used-to-gain-initial-foothold-in-your-infrastructure-39771cd6ec90 https://twitter.com/cyb3rops/status/1198586471361515520 https://t.co/XmVBuYoWIw https://github.com/Neo23x0/sigma/blob/master/README.md#info-graphic https://twitter.com/cyb3rops/status/1198581239399276544 https://twitter.com/cyb3rops/status/1198580730076512257 https://twitter.com/cyb3rops/status/1198518063194411008 https://twitter.com/cyb3rops/status/1198505355346620417 https://twitter.com/cyb3rops/status/1198504990609989632 https://twitter.com/cyb3rops/status/1198503407184691200 https://twitter.com/cyb3rops/status/1198502114558914561 https://twitter.com/cyb3rops/status/1198501469701525505 https://twitter.com/cyb3rops/status/1198395209505280000 https://twitter.com/cyb3rops/status/1198394822874275840 https://twitter.com/cyb3rops/status/1198393292246978560 https://twitter.com/cyb3rops/status/1198392273601470465 https://twitter.com/cyb3rops/status/1198381080463790080 https://twitter.com/cyb3rops/status/1198378864726224896 https://twitter.com/cyb3rops/status/1198375683698888706 https://twitter.com/cyb3rops/status/1198374323683246080 https://twitter.com/cyb3rops/status/1198373398939918337 https://twitter.com/cyb3rops/status/1198371143826186244 https://twitter.com/cyb3rops/status/1198370606787497985 
https://twitter.com/cyb3rops/status/1198366737227534337 https://twitter.com/cyb3rops/status/1198363112937799680 https://twitter.com/cyb3rops/status/1198361031787061248 https://twitter.com/cyb3rops/status/1198320774555279363 https://twitter.com/cyb3rops/status/1198318316139483141 https://twitter.com/cyb3rops/status/1198317892258992128 https://twitter.com/cyb3rops/status/1198316474726830082 https://twitter.com/cyb3rops/status/1198315962119966720 https://twitter.com/cyb3rops/status/1198315646280491015 https://twitter.com/cyb3rops/status/1198286918787747840 https://twitter.com/cyb3rops/status/1198255103188316160 https://twitter.com/cyb3rops/status/1198243844669739008 https://twitter.com/cyb3rops/status/1198243018110914563 https://twitter.com/cyb3rops/status/1198241758792077312 https://twitter.com/cyb3rops/status/1198234640361951233 https://twitter.com/cyb3rops/status/1198231126508285952 https://t.co/Dgac7ew0PZ https://medium.com/@cyb3rops/the-problems-with-todays-red-teaming-7b8ed1e735c9 https://twitter.com/cyb3rops/status/1198203623672549376 https://twitter.com/cyb3rops/status/1198188660916719616 https://twitter.com/cyb3rops/status/1198184010389884928 https://twitter.com/cyb3rops/status/1198183865434722304 https://twitter.com/cyb3rops/status/1198176309316378624 https://twitter.com/cyb3rops/status/1198175023602765824 https://t.co/mKD3H2FoVy https://twitter.com/cyb3rops/status/1198173829736095744 https://twitter.com/cyb3rops/status/1198173829736095744 https://twitter.com/cyb3rops/status/1198141213125337088 https://twitter.com/cyb3rops/status/1197897723376230400 https://twitter.com/cyb3rops/status/1197865393311899648 https://twitter.com/cyb3rops/status/1197862484826349569 https://twitter.com/cyb3rops/status/1197169906690727936 https://twitter.com/cyb3rops/status/1197153025011408896 https://t.co/8V7n4125yj https://twitter.com/helpnetsecurity/status/1197103102106701825 https://twitter.com/cyb3rops/status/1197069110577893376 https://t.co/P1lUvD832w https://t.co/0kJJXmLVnD 
https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_exploit_cve_2019_1388.yml https://www.zerodayinitiative.com/blog/2019/11/19/thanksgiving-treat-easy-as-pie-windows-7-secure-desktop-escalation-of-privilege https://twitter.com/cyb3rops/status/1196552737611243520 https://t.co/Dhf1uSmWGQ https://www.humblebundle.com/books/cybersecurity-2019-packt-books?partner=cyb3rops&charity=2330496 https://twitter.com/cyb3rops/status/1196459259623616518 https://twitter.com/cyb3rops/status/1196450550713323521 https://t.co/grdCaxdKNj https://www.linkedin.com/feed/update/urn:li:activity:6600059907867713536/ https://twitter.com/cyb3rops/status/1196448237445619713 https://t.co/uoh65Kn9oQ https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_renamed_procdump.yml https://twitter.com/cyb3rops/status/1196371769055174658 https://twitter.com/cyb3rops/status/1196189366147829762 https://twitter.com/cyb3rops/status/1195980921222111232 https://twitter.com/cyb3rops/status/1195629417806155776 https://t.co/VZ6YasXQMt https://www.sans.org/security-resources/posters/dfir/hunt-evil-165 https://twitter.com/cyb3rops/status/1195612709540257792 https://twitter.com/cyb3rops/status/1195596739702591488 https://t.co/zaPihD6qat https://twitter.com/gentilkiwi/status/1195501754625986560 https://twitter.com/cyb3rops/status/1195595414260584448 https://twitter.com/cyb3rops/status/1195595118532841472 https://twitter.com/cyb3rops/status/1195409629527891970 https://twitter.com/cyb3rops/status/1195405877198635009 https://twitter.com/cyb3rops/status/1195402465136513030 https://twitter.com/cyb3rops/status/1195368440460120064 https://twitter.com/cyb3rops/status/1195325619099308033 https://twitter.com/cyb3rops/status/1195321026210664448 https://t.co/2GUqT5iIlr https://www.virustotal.com/gui/file/9b4d9812d742679f2277d00454e764c3ad2c7511fb8035ca5713f8d226a72b86/detection https://twitter.com/cyb3rops/status/1195298552643227648 
https://twitter.com/cyb3rops/status/1195296302042681344 https://t.co/DFxGDnyyZj https://t.co/vA7XESIiP3 https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_susp_rottenpotato.yml https://twitter.com/SBousseaden/status/1195284233729777665 https://twitter.com/cyb3rops/status/1195275216534028289 https://twitter.com/cyb3rops/status/1195235384055218178 https://t.co/tIlcnXUdVN https://github.com/Neo23x0/sigma/blob/master/tools/sigma/backends/elasticsearch.py#L432 https://twitter.com/cyb3rops/status/1195234869510647808 https://t.co/MrJWUTTqQ4 https://github.com/Neo23x0/sigma/tree/master/tools/sigma/backends https://twitter.com/cyb3rops/status/1195229669341175810 https://twitter.com/cyb3rops/status/1195125055405088768 https://t.co/u5CKuD9wEG https://github.com/Neo23x0/sigma/pull/529 https://twitter.com/cyb3rops/status/1195123072896045057 https://t.co/wsLkVGFYm8 https://t.co/llJ5wRyC3M https://www.embercybersecurity.com/blog/cve-2019-1378-exploiting-an-access-control-privilege-escalation-vulnerability-in-windows-10-update-assistant-wua https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_exploit_cve_2019_1378.yml https://twitter.com/cyb3rops/status/1195116131436179456 https://t.co/dDETwQKWvc https://github.com/Neo23x0/yarAnalyzer https://twitter.com/cyb3rops/status/1194917274571948032 https://t.co/0f6Pyw0r3c https://twitter.com/13CubedDFIR/status/1193864966350221312 https://twitter.com/cyb3rops/status/1194907295265775616 https://twitter.com/cyb3rops/status/1194905875649040384 https://twitter.com/cyb3rops/status/1194905093327470592 https://twitter.com/cyb3rops/status/1194903151025041410 https://t.co/WE26NQAIAD https://t.co/OfdPlZ76zF https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_susp_msiexec_cwd.yml https://twitter.com/200_okay_/status/1194762518486495232 https://twitter.com/cyb3rops/status/1194663214467948551 https://twitter.com/cyb3rops/status/1194660031918149632 
https://twitter.com/cyb3rops/status/1194659151550590976 https://t.co/FjmG43yVDm https://t.co/EmbtKpKJp8 https://github.com/Neo23x0/munin https://hybrid-analysis.com/sample/4c1a9ba633f739434cc81f23de9c6c1c12cdeacd985b96404a4c2bae2e54b0f5/5d70e348028838137fd2d248 https://twitter.com/cyb3rops/status/1194652218168922115 https://t.co/EzF7qdkJ9D https://blog.talosintelligence.com/2019/11/hunting-for-lolbins.html https://twitter.com/cyb3rops/status/1194650778029441024 https://twitter.com/cyb3rops/status/1194644549102178305 https://twitter.com/cyb3rops/status/1194616974191542273 https://t.co/ygrjEIIpQX https://twitter.com/blubbfiction/status/1194386858920304640 https://twitter.com/cyb3rops/status/1194546704466530310 https://twitter.com/cyb3rops/status/1194541840013369344 https://twitter.com/cyb3rops/status/1194379970547724288 https://t.co/WQXydhXZo6 https://www.idgard.de/en/ https://twitter.com/cyb3rops/status/1194330847844950017 https://twitter.com/cyb3rops/status/1194243634033561600 https://twitter.com/cyb3rops/status/1194242283849302016 https://twitter.com/cyb3rops/status/1194242128915959810 https://twitter.com/cyb3rops/status/1194224439468146688 https://twitter.com/cyb3rops/status/1194177583988051969 https://twitter.com/cyb3rops/status/1194176888006234112 https://t.co/HPIVxJQC3n https://www.youtube.com/watch?v=sXRGhlojHjs https://twitter.com/cyb3rops/status/1194159754064617472 https://t.co/dN4eVJ4NaG https://t.co/Hr8vvedq45 https://www.virustotal.com/gui/file/2f9c1b55d30194c125e4e6bab5c38fee7f4b74bc77fb3250a31f98f8c13405a6/details https://securelist.com/darkuniverse-the-mysterious-apt-framework-27/94897/ https://twitter.com/cyb3rops/status/1194155521323999233 https://twitter.com/cyb3rops/status/1194152309934247936 https://twitter.com/cyb3rops/status/1194151249760989185 https://twitter.com/cyb3rops/status/1194147809555038208 https://twitter.com/cyb3rops/status/1194144223613915136 https://t.co/m59FyknfbT https://www.brainloop.com/en/home 
https://twitter.com/cyb3rops/status/1193918589805432834 https://t.co/1YFvOZW7Tt https://t.co/TF7GVt4HMO https://t.co/Gy6xCsTECp https://www.virustotal.com/gui/file/ab6f39f913a925cf4e9fa7717db0e3eb38b5ae61e057a2e76043b539f3c0dc91/details https://unit42.paloaltonetworks.com/a-look-into-fysbis-sofacys-linux-backdoor/ https://github.com/Neo23x0/signature-base/blob/master/yara/apt_sofacy_fysbis.yar https://twitter.com/cyb3rops/status/1193907388048429056 https://twitter.com/cyb3rops/status/1193819905394696193 https://twitter.com/cyb3rops/status/1193588953435312128 https://t.co/ExZCChD5Vl https://github.com/Neo23x0/Loki/issues https://twitter.com/cyb3rops/status/1193468514985754624 https://twitter.com/cyb3rops/status/1193454375181656065 https://t.co/cnekD1FVDR https://twitter.com/cyb3rops/status/1193435228548800515?s=21 https://twitter.com/cyb3rops/status/1193449048444940288 https://t.co/4yx1bsW8Sy https://twitter.com/cyb3rops/status/1193234666460995584?s=21 https://twitter.com/cyb3rops/status/1193447223587196928 https://twitter.com/cyb3rops/status/1193442041235222528 https://twitter.com/cyb3rops/status/1193442032691433472 https://twitter.com/cyb3rops/status/1193436852272947200 https://twitter.com/cyb3rops/status/1193435237063282688 https://twitter.com/cyb3rops/status/1193435234928406529 https://twitter.com/cyb3rops/status/1193435233250693120 https://twitter.com/cyb3rops/status/1193435231413571585 https://twitter.com/cyb3rops/status/1193435228548800515 https://twitter.com/cyb3rops/status/1193435222311870465 https://twitter.com/cyb3rops/status/1193435220395089920 https://twitter.com/cyb3rops/status/1193435218482470912 https://twitter.com/cyb3rops/status/1193435216074956801 https://twitter.com/cyb3rops/status/1193435205622738946 https://twitter.com/cyb3rops/status/1193272118424813569 https://twitter.com/cyb3rops/status/1193254070162776064 https://twitter.com/cyb3rops/status/1193251497817063431 https://twitter.com/cyb3rops/status/1193234666460995584 https://t.co/rJvx5fX6z9 
https://www.nextron-systems.com/2019/10/04/antivirus-event-analysis-cheat-sheet-v1-7-2/ https://twitter.com/cyb3rops/status/1193219717059792896 https://t.co/rJvx5fX6z9 https://t.co/ogNPRjWprL https://www.nextron-systems.com/2019/10/04/antivirus-event-analysis-cheat-sheet-v1-7-2/ https://github.com/Neo23x0/sigma/tree/master/rules/windows/malware https://twitter.com/cyb3rops/status/1193191644679544834 https://twitter.com/cyb3rops/status/1193182244535443456 https://twitter.com/cyb3rops/status/1193181674915450886 https://twitter.com/cyb3rops/status/1193179591185227776 https://twitter.com/cyb3rops/status/1193178271841579008 https://twitter.com/cyb3rops/status/1193175521846321160 https://twitter.com/cyb3rops/status/1192709617240944640 https://twitter.com/cyb3rops/status/1192698029809262592 https://twitter.com/cyb3rops/status/1192465969303691264 https://twitter.com/cyb3rops/status/1192463174043422721 https://t.co/7LtaKRP5Eb https://www.youtube.com/watch?v=qQgMItxdyqQ https://twitter.com/cyb3rops/status/1192437122919272450 https://twitter.com/cyb3rops/status/1192431889090564096 https://twitter.com/cyb3rops/status/1192426616837812224 https://twitter.com/cyb3rops/status/1192339921492697089 https://twitter.com/cyb3rops/status/1192338304416571393 https://twitter.com/cyb3rops/status/1192333886866501632 https://twitter.com/cyb3rops/status/1192332969853235200 https://twitter.com/cyb3rops/status/1192324632164143104 https://twitter.com/cyb3rops/status/1192323657886052357 https://twitter.com/cyb3rops/status/1192322702209699841 https://twitter.com/cyb3rops/status/1192215961555886080 https://twitter.com/cyb3rops/status/1192210936939106304 https://twitter.com/cyb3rops/status/1192165566297104384 https://t.co/R49lpjZxTH https://t.co/PC03QHPOfz https://app.any.run/tasks/e811cbfe-81ab-49fc-8c1e-4687bf1f1f70/ https://github.com/Neo23x0/signature-base/blob/master/yara/apt_nk_gen.yar https://twitter.com/cyb3rops/status/1192067514525716480 
https://twitter.com/cyb3rops/status/1192066286861389826 https://t.co/uZOi2NMg0N https://twitter.com/ProtAAPP/status/1192064195597963265 https://twitter.com/cyb3rops/status/1192056115045044225 https://t.co/Hr8vvedq45 https://securelist.com/darkuniverse-the-mysterious-apt-framework-27/94897/ https://twitter.com/cyb3rops/status/1192032103187304449 https://twitter.com/cyb3rops/status/1192031472829566976 https://t.co/WLoPR9fejE https://www.csoonline.com/article/3451585/boeings-poor-information-security-posture-threatens-passenger-safety-national-security-researcher-s.html https://twitter.com/cyb3rops/status/1191977904860811264 https://t.co/uQHoFnIhSB https://github.com/StrangerealIntel/CyberThreatIntel/blob/master/Unknown/APT-C-37/26-08-19/APT-C-37%20analysis.md https://twitter.com/cyb3rops/status/1191819330109034496 https://twitter.com/cyb3rops/status/1191725493885779968 https://t.co/oQdUQbdreZ https://www.lastline.com/ https://twitter.com/cyb3rops/status/1191699873994817536 https://twitter.com/cyb3rops/status/1191698524603322368 https://t.co/o0g5t6VcXb https://t.co/yom67lQ1N3 https://gist.github.com/thomaspatzke/74c920fc5009f678cca5e2c7259308a4 https://twitter.com/cyb3rops/status/1191345532352057344 https://twitter.com/cyb3rops/status/1191664257114497025 https://twitter.com/cyb3rops/status/1191658393204928513 https://twitter.com/cyb3rops/status/1191628707267567616 https://twitter.com/cyb3rops/status/1191613373911310336 https://twitter.com/cyb3rops/status/1191373116234186752 https://twitter.com/cyb3rops/status/1191358921635700736 https://t.co/6KLAU2u4WC https://doublepulsar.com/bluekeep-exploitation-activity-seen-in-the-wild-bd6ee6e599a6 https://twitter.com/cyb3rops/status/1191357327141670913 https://twitter.com/cyb3rops/status/1191353145751932929 https://twitter.com/cyb3rops/status/1191345532352057344 https://twitter.com/cyb3rops/status/1191333374570455042 https://twitter.com/cyb3rops/status/1191323277790191617 https://twitter.com/cyb3rops/status/1191313780803854336 
https://t.co/xyKowVoSW8 https://bitcoin.es/actualidad/everis-se-encuentra-sufriendo-un-hackeo-cryptografico/ https://twitter.com/cyb3rops/status/1191310663496425472 https://t.co/z04QEHQM82 https://twitter.com/ArnauEstebanell/status/1191296125912961024 https://twitter.com/cyb3rops/status/1191307015492177920 https://t.co/IM4Jfy4M81 https://github.com/airbus-cert/PSTrace https://twitter.com/cyb3rops/status/1191304533470851074 https://twitter.com/cyb3rops/status/1191256489010307073 https://twitter.com/cyb3rops/status/1190369146846023680 https://t.co/FuI5G2pseZ https://twitter.com/VK_Intel/status/1190317493224689667 https://twitter.com/cyb3rops/status/1190304186950389761 https://t.co/8IfxrKSCIi https://github.com/DFIRKuiper/Kuiper/blob/master/README.md https://twitter.com/cyb3rops/status/1190223732935188486 https://t.co/OilSRhxUJu https://t.co/PyqajgcQdu https://t.co/glMi8lhbLB https://amzn.to/2Nyy2tQ https://amzn.to/2N4C922 https://amzn.to/2C4v5vO https://twitter.com/cyb3rops/status/1190192027973144576 https://twitter.com/cyb3rops/status/1190190141429694464 https://twitter.com/cyb3rops/status/1189951712112631808 https://twitter.com/cyb3rops/status/1189858971932336129 https://twitter.com/cyb3rops/status/1189858546445438977 https://t.co/PxTjYVBh4q https://www.virustotal.com/old-browsers/ https://twitter.com/cyb3rops/status/1189822735079366657 https://t.co/XXxuv8ra9p https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_malware_formbook.yml https://twitter.com/cyb3rops/status/1189814034922704896 https://twitter.com/cyb3rops/status/1189811657083695105 https://twitter.com/cyb3rops/status/1189576756501647360 https://t.co/q5dOR9BXkV https://t.co/B3j7IIPkRB https://www.virustotal.com/gui/file/3e5faf7e18ec1ac438dc45ba54a6ae9a6501e0e899c1f5782e6be48076162eb5/detection https://pastebin.com/mRSSS931 https://twitter.com/cyb3rops/status/1189547902605168642 https://t.co/d6NNX2tJ2k https://t.co/5rehjIaOsK 
https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_malware_dtrack.yml https://app.any.run/tasks/ce4deab5-3263-494f-93e3-afb2b9d79f14/ https://twitter.com/cyb3rops/status/1189540482843578368 https://twitter.com/cyb3rops/status/1189539482388910085 https://twitter.com/cyb3rops/status/1189539222241398784 https://t.co/wXkI55x4x5 https://twitter.com/cyb3rops/status/870375701081456643 https://twitter.com/cyb3rops/status/1189538138852642816 https://twitter.com/cyb3rops/status/1189493250417143808 https://twitter.com/cyb3rops/status/1189426003346624512 https://t.co/GblQ3rq1iH https://securelist.com/my-name-is-dtrack/93338/ https://twitter.com/cyb3rops/status/1189201552071901185 https://t.co/UdXqQhoNlv https://t.co/gqjkTw5mEF https://t.co/Luw13BZNgC https://t.co/9JyNSMGYap https://github.com/Neo23x0/sigma/pull/499 https://www.limacharlie.io/ https://github.com/Neo23x0/sigma/pull/491 https://github.com/tenzir/vast https://twitter.com/cyb3rops/status/1189178428131426304 https://twitter.com/cyb3rops/status/1189176181398134784 https://t.co/rnaTTOnnpX https://yara.readthedocs.io/en/latest/writingrules.html#xor-strings https://twitter.com/cyb3rops/status/1189171571610574861 https://twitter.com/cyb3rops/status/1189162974734360576 https://twitter.com/cyb3rops/status/1189107813114699776 https://t.co/YnGDLoj5xd https://t.co/fYDUlsziRI https://github.com/Neo23x0/signature-base/blob/master/yara/gen_susp_obfuscation.yar#L18 https://gchq.github.io/CyberChef/#recipe=Fork('%5C%5Cn','%5C%5Cn',false)Show_Base64_offsets('A-Za-z0-9%2B/%3D',false,'Raw')&input=VFZwVEFRRQpUVm9BQUFBClRWcUFBQUUKVFZwUUFBSQpUVnFRQUFN https://twitter.com/cyb3rops/status/1188911699107176448 https://t.co/Dlgszg97I9 https://t.co/ixD3hQjZBl https://twitter.com/a_tweeter_user/status/1188811977851887616 https://github.com/Neo23x0/signature-base/blob/master/yara/apt_dtrack.yar https://twitter.com/cyb3rops/status/1188900959428206592 https://t.co/q7AB1HaJK1 
https://app.any.run/tasks/fee4f6d4-9266-4f0c-a0dc-067d1746a97e https://twitter.com/cyb3rops/status/1188877844568559616 https://twitter.com/cyb3rops/status/1188875816823902210 https://twitter.com/cyb3rops/status/1188865289003425792 https://t.co/o5HMKy6KCK https://pastebin.com/HLJHc1wL https://twitter.com/cyb3rops/status/1188798255238385664 https://t.co/SUpoofGEUF https://github.com/Neo23x0/signature-base/blob/master/yara/gen_xor_hunting.yar https://twitter.com/cyb3rops/status/1188795321146576896 https://t.co/SUpoofGEUF https://github.com/Neo23x0/signature-base/blob/master/yara/gen_xor_hunting.yar https://twitter.com/cyb3rops/status/1188794133709754368 https://t.co/SUpoofGEUF https://github.com/Neo23x0/signature-base/blob/master/yara/gen_xor_hunting.yar https://twitter.com/cyb3rops/status/1188774160564142081 https://t.co/2IlKSNOWTn https://t.co/MlO5YG27x2 https://posts.specterops.io/lateral-movement-scm-and-dll-hijacking-primer-d2f61e8ab992 https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_svchost_dll_search_order_hijack.yml https://twitter.com/cyb3rops/status/1188769499392237569 https://twitter.com/cyb3rops/status/1188730950303342592 https://twitter.com/cyb3rops/status/1188412096041684992 https://twitter.com/cyb3rops/status/1188392018986311681 https://t.co/ABBMQGvekg https://twitter.com/chadtilbury/status/1188124882221043712 https://twitter.com/cyb3rops/status/1188145408280793090 https://twitter.com/cyb3rops/status/1188070089721024513 https://t.co/HDXj99ViQD https://github.com/Neo23x0/sigma/blob/master/rules/proxy/proxy_ua_suspicious.yml#L24 https://twitter.com/cyb3rops/status/1188068281359503360 https://t.co/CZo4HCdQH5 https://github.com/Neo23x0/sigma/blob/master/rules/proxy/proxy_ua_malware.yml#L53 https://twitter.com/cyb3rops/status/1188067591652364288 https://twitter.com/cyb3rops/status/1188065614344130560 https://t.co/glrlpAOoEj https://t.co/pySa10Dr7X https://t.co/j36eOpKfix https://twitter.com/meltx0r/status/1187598948749303808?s=12 
https://app.any.run/tasks/7d7fa4a0-6970-4428-828b-29572abf9ceb/ https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_office_spawn_exe_from_users_directory.yml https://twitter.com/cyb3rops/status/1187998584836366336 https://twitter.com/cyb3rops/status/1187992532023676929 https://t.co/uPakffpbOv https://t.co/Wet38TQIrv https://t.co/7c2nlFeVhV https://www.fireeye.com/blog/threat-research/2013/08/breaking-down-the-china-chopper-web-shell-part-ii.html https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_webshell_spawn.yml https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_webshell_detection.yml https://twitter.com/cyb3rops/status/1187981406326214656 https://t.co/ucCUeHuVE3 https://nextcloud.com/blog/urgent-security-issue-in-nginx-php-fpm/ https://twitter.com/cyb3rops/status/1187666082531856385 https://t.co/cRQ6hyBqHi https://t.co/BZ4hBFZkjt https://t.co/NuJ1Q9smZb https://www.php.net/ChangeLog-7.php#7.1.33 https://bugs.php.net/bug.php?id=78599 https://github.com/neex/phuip-fpizdam https://twitter.com/cyb3rops/status/1187654008183361537 https://twitter.com/cyb3rops/status/1187648328605097986 https://twitter.com/cyb3rops/status/1187637290442674176 https://twitter.com/cyb3rops/status/1187360596402098178 https://t.co/bcjJl88s6h https://gist.github.com/Neo23x0/f1bb645a4f715cb499150c5a14d82b44 https://twitter.com/cyb3rops/status/1187351975270199298 https://twitter.com/cyb3rops/status/1187350364514848771 https://t.co/veambnxRfo https://t.co/O5kcYjmz6K https://threat.tevora.com/5-minute-forensics-decoding-powershell-payloads/ https://www.hybrid-analysis.com/sample/b744129bfe54de8b36d7556ddfcc55d0be213129041aacf52b7d2f57012caa60?environmentId=100 https://twitter.com/cyb3rops/status/1187349678477791232 https://twitter.com/cyb3rops/status/1187344270111494149 https://twitter.com/cyb3rops/status/1187343322576240640 https://twitter.com/cyb3rops/status/1187341941794660354 https://t.co/NLFmiEVwO7 
https://gist.github.com/Neo23x0/6af876ee72b51676c82a2db8d2cd3639 https://twitter.com/cyb3rops/status/1187330917150445568 https://t.co/AuKrPW7spf https://valhalla.nextron-systems.com/ https://twitter.com/cyb3rops/status/1187305226165837824 https://t.co/znv1NkxKQc https://t.co/VCCMDsRq88 https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_hwp_exploits.yml https://www.hybrid-analysis.com/sample/d4f055d170fd783ae4f010df64cfd18d8fa9a971378298eb6e863c60f57b93e3?environmentId=110 https://twitter.com/cyb3rops/status/1187039856729477120 https://t.co/6DotMOS9JJ https://gchq.github.io/CyberChef/#recipe=From_Hex('Auto')&input=NEQgNUEgMDAgMDAgNTAgNDUgMDAgMDAgNEMgMDEgMDEgMDAgNkEgMkEgNTggQzMKMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDQgMDAgMDMgMDEgMEIgMDEgMDggMDAKMDEgMDAgMDAgODAgMDAgMDAgMDAgMDAgNzkgMDAgMDAgMDAgMEMgMDAgMDAgMDAKNzkgMDAgMDAgMDAgMEMgMDAgMDAgMDAgMDAgMDAgNDAgMDAgMDQgMDAgMDAgMDAKMDQgMDAgMDAgMDAgNzQgMDAgMDAgMDAgMjAgMDAgMDAgMDAgMDQgMDAgMDAgMDAKMDAgMDAgMDAgMDAgMDQgMDEgMDAgMDAgODggMDAgMDAgMDAgMDAgMDAgMDAgMDAKMDIgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAgMDAKMDAgMDAgMDAgMDAgNUMgNUMgMzYgMzYgMkUgMzkgMzMgMkUgMzYgMzggMkUgMzYKNUMgN0EgMDAgMDAgMzg https://twitter.com/cyb3rops/status/1187037377560272897 https://t.co/BJ5js9tY77 https://webserver2.tecgraf.puc-rio.br/~ismael/Cursos/YC++/apostilas/win32_xcoff_pe/tyne-example/Tiny%20PE.htm https://twitter.com/cyb3rops/status/1187021556444209154 https://t.co/HGa71FlHgx https://twitter.com/DennisRand/status/1187007166500298752 https://twitter.com/cyb3rops/status/1186980052656971777 https://twitter.com/cyb3rops/status/1186937142745976833 https://twitter.com/cyb3rops/status/1186936104135643136 https://twitter.com/cyb3rops/status/1186931044798423042 https://t.co/4VM2tWf6Dc https://docs.microsoft.com/en-us/windows-server/identity/securing-privileged-access/securing-privileged-access-reference-material https://twitter.com/cyb3rops/status/1186929343475453957 https://twitter.com/cyb3rops/status/1186928323693285376 
https://twitter.com/cyb3rops/status/1186926711390298113 https://twitter.com/cyb3rops/status/1186925238442975234 https://t.co/XXVCfq2tAl https://sites.google.com/site/delphibasics/home/delphibasicssnippets/wipedosstub-removedosheaderfrompe https://twitter.com/cyb3rops/status/1186924727744507906 https://t.co/3qoGWpK11x https://t.co/8LLvOfvQdp https://t.co/fzIT1xpiEs https://www.virustotal.com/gui/file/6ba87447a7565b6ab936c80c6866b1ecbe72563ccf096dda7e9666e8a8cacf3c/community https://www.virustotal.com/gui/file/8020bd7313381f9c17d0434c74ccdbfe4c8a37ad2cf8be36f4e3b8db9d51a453/detection https://www.virustotal.com/gui/file/bd6a1b984c484e3db10d41d1e9c15c72881aa2b96d547b29fad01a72fd6ab9dc/detection https://twitter.com/cyb3rops/status/1186639643783110656 https://twitter.com/cyb3rops/status/1186639130928844800 https://t.co/IlBve7OKpC https://superuser.com/questions/75930/open-websites-using-binary-ip-address https://twitter.com/cyb3rops/status/1186637773656203265 https://twitter.com/cyb3rops/status/1186637044447096832 https://twitter.com/cyb3rops/status/1186633866574008323 https://twitter.com/cyb3rops/status/1186632596337377280 https://twitter.com/cyb3rops/status/1186632281869422592 https://twitter.com/cyb3rops/status/1186631731543236608 https://t.co/qZoVIgmmcI https://www.amazon.com/dp/1593272901/ref=cm_sw_r_sms_awdb_t1_L9VRDb5RSG55J https://twitter.com/cyb3rops/status/1186629279708307456 https://twitter.com/cyb3rops/status/1186628794846777344 https://t.co/kDJKrSwkfd https://techtalk.pcmatic.com/2017/11/30/running-dll-files-malware-analysis/ https://twitter.com/cyb3rops/status/1186595986392653826 https://t.co/EeaO95fFxj https://t.co/iP4rtF12Up https://github.com/Neo23x0/sigma https://www.sans.org/webcasts/mitre-att-ck-sigma-alerting-110010 https://twitter.com/cyb3rops/status/1186593802598965249 https://t.co/xnJePO0x9K https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_susp_rundll32_by_ordinal.yml 
https://twitter.com/cyb3rops/status/1186587058481094657 https://t.co/YPTAUUkFwI https://twitter.com/Ministraitor/status/1186576775989616640 https://twitter.com/cyb3rops/status/1186266813212037120 https://twitter.com/cyb3rops/status/1186245397603323904 https://t.co/XtQAVrTHDJ https://www.welivesecurity.com/2019/10/21/winnti-group-skip2-0-microsoft-sql-server-backdoor/ https://twitter.com/cyb3rops/status/1186242839325347841 https://t.co/LxmLzYfWFq https://github.com/Neo23x0/sigma/blob/master/rules/proxy/proxy_ua_cryptominer.yml https://twitter.com/cyb3rops/status/1186172830746062848 https://twitter.com/cyb3rops/status/1186168931809140736 https://t.co/kqDn8Cua4K https://www.ncsc.gov.uk/news/turla-group-exploits-iran-apt-to-expand-coverage-of-victims https://twitter.com/cyb3rops/status/1185827108699987968 https://twitter.com/cyb3rops/status/1185593715785637888 https://t.co/JJAmycDRG1 https://github.com/Neo23x0/signature-base/blob/master/yara/gen_susp_wer_files.yar https://twitter.com/cyb3rops/status/1185592811573383169 https://t.co/C2MFdVTr3C https://app.any.run/tasks/527c6c0a-a50e-4225-9f12-916993f8e20d/ https://twitter.com/cyb3rops/status/1185588586088935424 https://twitter.com/cyb3rops/status/1185585050059976705 https://twitter.com/cyb3rops/status/1185574382518853632 https://t.co/2lHAwqyNui https://t.co/0TrLgaMNl3 https://atom.io/themes/monokai-slate https://atom.io/packages/language-yara https://twitter.com/cyb3rops/status/1185550557936869376 https://t.co/rtFBNOv2oJ https://t.co/ZuV6vk3xex https://t.co/poGmoOonnc https://atom.io/themes/one-dark-ui https://atom.io/themes/atom-dark-syntax https://github.com/tonsky/FiraCode https://twitter.com/cyb3rops/status/1185544171437867010 https://t.co/3PGVa9bx7s https://medium.com/dfir-dudes/amcache-is-not-alone-using-wer-files-to-hunt-evil-86bdfdb216d7 https://twitter.com/cyb3rops/status/1185479908522373125 https://twitter.com/cyb3rops/status/1185471325705396224 https://t.co/phc0kyzjNV 
https://app.any.run/tasks/1aa2709e-1db4-4033-b80c-30a38e0675d0/ https://twitter.com/cyb3rops/status/1185470589550678016 https://twitter.com/cyb3rops/status/1185459425710092288 https://twitter.com/cyb3rops/status/1185302276002516992 https://twitter.com/cyb3rops/status/1185103787452751872 https://twitter.com/cyb3rops/status/1184773591398862849 https://t.co/LyQ2dhFLUr https://t.co/ASthmRMWOS https://t.co/Wn7oSJl8ON https://stackoverflow.com/questions/39556514/sublime-text-3-how-to-edit-multiple-lines https://stackoverflow.com/questions/25597327/selecting-multiple-lines-in-atom https://stackoverflow.com/questions/3453151/notepad-multi-editing https://twitter.com/cyb3rops/status/1184771507320430592 https://twitter.com/cyb3rops/status/1184769287527026688 https://t.co/h9B0Rl7CdZ https://www.virustotal.com/gui/file/f9cde44e0b4e43775b28ce8689f747038f83ea0389d510b1da41e63392f3a269/submissions https://twitter.com/cyb3rops/status/1184768821678223360 https://twitter.com/cyb3rops/status/1184763298706870272 https://t.co/bcjJl88s6h https://gist.github.com/Neo23x0/f1bb645a4f715cb499150c5a14d82b44 https://twitter.com/cyb3rops/status/1184759564656402432 https://t.co/4sFJIySQHy https://t.co/6g5vSKRiUZ https://app.any.run/tasks/46cc133c-f3c6-4834-b139-0020ebed1c1e/ https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_renamed_binary.yml https://twitter.com/cyb3rops/status/1184753725757366272 https://t.co/kPB4xc3QZ6 https://twitter.com/Rmy_Reserve/status/1184699754334154752 https://twitter.com/cyb3rops/status/1184525657671372805 https://twitter.com/cyb3rops/status/1184519913211420674 https://t.co/06gLyXok8z https://www.virustotal.com/gui/domain/losdivulgadores.com/details https://twitter.com/cyb3rops/status/1184488812346560514 https://twitter.com/cyb3rops/status/1184484203859238918 https://t.co/yRHvTNdea4 https://uncoder.io https://twitter.com/cyb3rops/status/1184459487425585152 https://twitter.com/cyb3rops/status/1184454454101315584 
https://twitter.com/cyb3rops/status/1184438444715589632 https://twitter.com/cyb3rops/status/1184436211047456768 https://t.co/zCtJUuh7Jr https://t.co/y68KL5vahr https://t.co/Cc31NNi88B https://blog.xpnsec.com/exploring-mimikatz-part-1/ https://twitter.com/SBousseaden/status/1183745981189427200 https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_susp_lsass_dll_load.yml https://twitter.com/cyb3rops/status/1184427844115587072 https://twitter.com/cyb3rops/status/1184388041475055617 https://twitter.com/cyb3rops/status/1184387635416051713 https://twitter.com/cyb3rops/status/1184386702338646016 https://t.co/TctCzWPqbU https://t.co/SRpZtzrfki https://app.any.run/tasks/97f875e8-0e08-4328-815f-055e971ba754/ https://app.any.run/tasks/e36c0b59-6843-42fd-b8d5-ccb1e23b398a/ https://twitter.com/cyb3rops/status/1184385201935454208 https://t.co/G97u3PXMpg https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_malware_emotet.yml https://twitter.com/cyb3rops/status/1184117671962533888 https://t.co/yrVptw3Krg https://t.co/ADj5nFCjQd https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_susp_compression_params.yml https://twitter.com/SBousseaden/status/1184067445612535811 https://twitter.com/cyb3rops/status/1184099135923855363 https://twitter.com/cyb3rops/status/1184098415619252226 https://twitter.com/cyb3rops/status/1184098030234066945 https://twitter.com/cyb3rops/status/1184093241186107393 https://twitter.com/cyb3rops/status/1184090679858860033 https://t.co/wmEIk2JePc https://github.com/Neo23x0/sigma/blob/master/rules/linux/lnx_sudo_cve_2019_14287.yml https://twitter.com/cyb3rops/status/1184089647783256064 https://t.co/nGBp6ZQfCe https://github.com/Neo23x0/sigma/tree/master/tools/config https://twitter.com/cyb3rops/status/1184012731109773312 https://twitter.com/cyb3rops/status/1184011712393027585 https://t.co/wmEIk2JePc https://t.co/awmLchavay 
https://github.com/Neo23x0/sigma/blob/master/rules/linux/lnx_sudo_cve_2019_14287.yml https://www.openwall.com/lists/oss-security/2019/10/14/1 https://twitter.com/cyb3rops/status/1184006402144116736 https://t.co/jjQnveBP6T https://www.crowdstrike.com/blog/huge-fan-of-your-work-part-1/ https://twitter.com/cyb3rops/status/1183826231051149314 https://twitter.com/cyb3rops/status/1183776043448053760 https://twitter.com/cyb3rops/status/1183774159668764679 https://t.co/1qpmpH4Deu https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_susp_codepage_switch.yml https://twitter.com/cyb3rops/status/1183761848719593473 https://twitter.com/cyb3rops/status/1183754357663260672 https://twitter.com/cyb3rops/status/1183752001982738433 https://twitter.com/cyb3rops/status/1183731359275274241 https://t.co/5qNvXA1J5A https://www.ahnlab.com/kr/site/securityinfo/asec/asecReportView.do?groupCode=VNI001 https://twitter.com/cyb3rops/status/1183698616403271680 https://twitter.com/cyb3rops/status/1183652261018374144 https://twitter.com/cyb3rops/status/1183652075810574338 https://t.co/D2SegTh8QU https://twitter.com/cyb3rops/status/1183645934355451905 https://twitter.com/cyb3rops/status/1183651777133961217 https://twitter.com/cyb3rops/status/1183646447042023424 https://t.co/MBJxPMRNws http://kbdlayout.info/ https://twitter.com/cyb3rops/status/1183646067067424768 https://twitter.com/cyb3rops/status/1183645934355451905 https://twitter.com/cyb3rops/status/1183645565738987521 https://twitter.com/cyb3rops/status/1183644978574188544 https://twitter.com/cyb3rops/status/1183604488646680577 https://twitter.com/cyb3rops/status/1183457538743963648 https://twitter.com/cyb3rops/status/1183455484961013762 https://twitter.com/cyb3rops/status/1183451514838368256 https://twitter.com/cyb3rops/status/1183389010611396610 https://twitter.com/cyb3rops/status/1183388355901480960 https://t.co/MHUK0TpBbH https://www.amazon.com/Countdown-Zero-Day-Stuxnet-Digital-ebook/dp/B00KEPLC08 
https://twitter.com/cyb3rops/status/1183387155541962752 https://t.co/4NTDSj0EGc https://www.imdb.com/title/tt1568346/ https://twitter.com/cyb3rops/status/1183344133764726784 https://twitter.com/cyb3rops/status/1183147712532959233 https://t.co/2pb2Q8Kl4i https://www.teamviewer.com/en/trust-center/security/ https://twitter.com/cyb3rops/status/1183144771734462465 https://twitter.com/cyb3rops/status/1183141837713936384 https://twitter.com/cyb3rops/status/1183054225695215616 https://twitter.com/cyb3rops/status/1183053775717765120 https://t.co/HzDzOSCFhi https://t.co/xkAOmrvtOZ https://en.wikipedia.org/wiki/23_(film) https://youtu.be/I4nAmrCqgAc https://twitter.com/cyb3rops/status/1182954525923201025 https://twitter.com/cyb3rops/status/1182952295476142080 https://twitter.com/cyb3rops/status/1182951453188644864 https://twitter.com/cyb3rops/status/1182894982123937792 https://t.co/HremFkTX8G https://www.zdnet.com/article/chinese-cyberspies-breached-teamviewer-in-2016/ https://twitter.com/cyb3rops/status/1182894392580947968 https://twitter.com/cyb3rops/status/1182701179047952384 https://twitter.com/cyb3rops/status/1182701039851585536 https://twitter.com/cyb3rops/status/1182698183689936898 https://twitter.com/cyb3rops/status/1182694308639584256 https://twitter.com/cyb3rops/status/1182693704181714946 https://twitter.com/cyb3rops/status/1182693518717927424 https://twitter.com/cyb3rops/status/1182692657048555520 https://twitter.com/cyb3rops/status/1182692149420347392 https://twitter.com/cyb3rops/status/1182625779248701440 https://t.co/Uf66a6hoUu https://arstechnica.com/information-technology/2016/06/teamviewer-says-theres-no-evidence-of-2fa-bypass-in-mass-account-hack/ https://twitter.com/cyb3rops/status/1182620523974541314 https://twitter.com/cyb3rops/status/1182604107707748358 https://t.co/RxFObGxE1u https://t.co/TopAhIC1Hb https://twitter.com/cglyer/status/1181978827028873221 https://threadreaderapp.com/thread/1181978827028873221.html 
https://twitter.com/cyb3rops/status/1182600570550575104 https://t.co/dJkym2nttO https://t.co/uhzwb9p8Zj https://twitter.com/cglyer/status/1182391019633029120 https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_wmi_backdoor_exchange_transport_agent.yml https://twitter.com/cyb3rops/status/1182582605381812224 https://twitter.com/cyb3rops/status/1182572589992042497 https://t.co/JLZ7GY5IPI https://twitter.com/cglyer/status/1182413194360508419/photo/1 https://twitter.com/cyb3rops/status/1182300612886765569 https://t.co/x83yldLjT3 https://www.virustotal.com/gui/file/3de5c6ac612bd6d63a3fd1fe11a229acd9596c6716078a65da5546102e038c3f/detection https://twitter.com/cyb3rops/status/1182259779533754368 https://t.co/MiSjTbAqkV https://t.co/rnaTTOnnpX https://t.co/gfcq805Aco https://github.com/VirusTotal/yara/pull/1096 https://yara.readthedocs.io/en/latest/writingrules.html#xor-strings https://github.com/VirusTotal/yara/releases/tag/v3.11.0 https://twitter.com/cyb3rops/status/1181952416260005888 https://twitter.com/cyb3rops/status/1181501696347955200 https://twitter.com/cyb3rops/status/1181490712308846592 https://twitter.com/cyb3rops/status/1181473208458981377 https://twitter.com/cyb3rops/status/1181180746909863936 https://t.co/stmXqzJ02b https://www.virustotal.com/gui/file/694e5c4c2486db41ff21da38b47af265af7170042242515ad41bde2630b62fca/detection https://twitter.com/cyb3rops/status/1180222209182306305 https://twitter.com/cyb3rops/status/1180127894502289408 https://t.co/JkrHfBx90u https://t.co/rJvx5fX6z9 https://github.com/Neo23x0/sigma/commit/d096ab0e21a77594a38fa12f808d34b0f926dcf2 https://www.nextron-systems.com/2019/10/04/antivirus-event-analysis-cheat-sheet-v1-7-2/ https://twitter.com/cyb3rops/status/1180060062036955136 https://t.co/nJ0zn8YzJo https://www.contextis.com/en/blog/avivore https://twitter.com/cyb3rops/status/1180050767606095873 https://t.co/r5JHuOopYm https://www.youtube.com/watch?v=wmN6wZ9rVPY 
https://twitter.com/cyb3rops/status/1180045747598831616 https://t.co/0A3ORH0scO https://t.co/3wKQDtiXLi https://www.virustotal.com/gui/file/71160ab5f9e6cb5f36c2cbbed7e4a5cd579ce3ada117e4345ad8a31fd369d485/detection https://twitter.com/craiu/status/1179718618675892225 https://twitter.com/cyb3rops/status/1179871387705643016 https://twitter.com/cyb3rops/status/1179869371080085506 https://twitter.com/cyb3rops/status/1179865937064988676 https://twitter.com/cyb3rops/status/1179861437231108102 https://twitter.com/cyb3rops/status/1179860651264630789 https://twitter.com/cyb3rops/status/1179860028188233732 https://twitter.com/cyb3rops/status/1179742888235847680 https://t.co/mvQw5ZbaXj https://twitter.com/cyb3rops/status/863143844753412100 https://twitter.com/cyb3rops/status/1179741831669669889 https://t.co/q7GhzFJPwu https://t.co/gAlLmBfgpR https://t.co/ATCi0V9OAP https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml# https://twitter.com/cyb3rops/status/879810363088404480?lang=en https://twitter.com/cyb3rops/status/863143844753412100?lang=en https://twitter.com/cyb3rops/status/1179365750596886528 https://t.co/UbsE644K0E https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_apt_bluemashroom.yml https://twitter.com/cyb3rops/status/1179085197754687488 https://twitter.com/cyb3rops/status/1178933433579573248 https://t.co/FoGeQU3jvK https://t.co/Dd3h4pF5Zs https://app.any.run/tasks/a10f5a05-db91-4497-b6bd-c069ea10e30c/ https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_office_shell.yml https://twitter.com/cyb3rops/status/1178755012534648834 https://t.co/OtZBT8vJKI https://github.com/Neo23x0/exotron https://twitter.com/cyb3rops/status/1178726801415254018 https://twitter.com/cyb3rops/status/1178724569160540161 https://t.co/u5PoV3UUHz https://t.co/1xrPyQymKL https://twitter.com/cyb3rops/status/1178670475964227585 https://twitter.com/cyb3rops/status/1178718322071867393 
https://twitter.com/cyb3rops/status/1178724107090890752 https://twitter.com/cyb3rops/status/1178719704900341760 https://twitter.com/cyb3rops/status/1178718322071867393 https://t.co/XXxuv8ra9p https://t.co/LTJvQfyRst https://t.co/j5THKx9lXh https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_malware_formbook.yml https://inquest.net/blog/2018/06/22/a-look-at-formbook-stealer https://app.any.run/submissions https://twitter.com/cyb3rops/status/1178685206208897024 https://t.co/FNr41arefu https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_susp_powershell_enc_cmd.yml https://twitter.com/cyb3rops/status/1178670475964227585 https://t.co/G97u3PXMpg https://t.co/oyi15TWJXY https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_malware_emotet.yml https://app.any.run/submissions/ https://twitter.com/cyb3rops/status/1178564031453552642 https://twitter.com/cyb3rops/status/1178261917422489600 https://t.co/Crx7ro8JqP https://twitter.com/YasirGokce/status/1177899275101061121 https://twitter.com/cyb3rops/status/1177926191770152960 https://t.co/3axLcTWzFa https://github.com/Neo23x0/munin/ https://twitter.com/cyb3rops/status/1177916344999784448 https://twitter.com/cyb3rops/status/1177856141071704065 https://t.co/qjoHny0oWE https://twitter.com/SaudiDFIR/status/1177740045186457600 https://twitter.com/cyb3rops/status/1177625597079691267 https://t.co/USdCB9kApi https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_susp_calc.yml https://twitter.com/cyb3rops/status/1177623672552591361 https://twitter.com/cyb3rops/status/1177622439381082112 https://twitter.com/cyb3rops/status/1177617812661116929 https://t.co/Boa9DwdkWS https://github.com/Neo23x0/sigma/ https://twitter.com/cyb3rops/status/1177616607469887488 https://t.co/iP4rtF12Up https://www.sans.org/webcasts/mitre-att-ck-sigma-alerting-110010 https://twitter.com/cyb3rops/status/1177525311472316416 
https://twitter.com/cyb3rops/status/1177525104361820161 https://twitter.com/cyb3rops/status/1176879249871052803 https://twitter.com/cyb3rops/status/1176866257481666560 https://t.co/d6Q7x1Nnvu https://gist.github.com/Neo23x0/e3d4e316d7441d9143c7#magic-header-definitions https://twitter.com/cyb3rops/status/1176862134258622464 https://twitter.com/cyb3rops/status/1176763517740957698 https://t.co/ZSgi5V4KAj https://www.virustotal.com/gui/file/777f03eda81f380b0da33d96968dcf9476e6e10459a457f107fec019bc26734b/detection https://twitter.com/cyb3rops/status/1176587800998830081 https://twitter.com/cyb3rops/status/1176495234357846016 https://twitter.com/cyb3rops/status/1174832464856014856 https://twitter.com/cyb3rops/status/1169861681498882049 https://t.co/LM4iW9nRmo http://research.checkpoint.com/upsynergy/ https://twitter.com/cyb3rops/status/1169283358871957504 https://twitter.com/cyb3rops/status/1169216654867402752 https://twitter.com/cyb3rops/status/1169215623546753026 https://twitter.com/cyb3rops/status/1169215012285636608 https://twitter.com/cyb3rops/status/1169213502017429505 https://t.co/jiyZwzvPR0 https://www.virustotal.com/gui/file/ae34726a2701fe1fc521b17b84bf0fb6552e3a8cf0939c742b61105fc944290c/detection https://twitter.com/cyb3rops/status/1169211589616181250 https://t.co/i4khtTlrR7 https://twitter.com/mysmartlogon/status/1168915231655022592 https://twitter.com/cyb3rops/status/1169186191826198528 https://twitter.com/cyb3rops/status/1169181445795012608 https://t.co/bxPDkXpUXb https://www.virustotal.com/gui/file/ba29ad5b3d80bc3d688e13feab6369f3d1ebd24ccd6d34505961bace2cdbfefe/details https://twitter.com/cyb3rops/status/1168880350002667521 https://t.co/vns3ecEJ2j https://t.co/FNsxFbqSWj https://t.co/lDv7ubI47k https://t.co/kyuyTgFIo4 https://t.co/K3yPDE0MtO https://twitter.com/daphiel/status/1168803696534282241 https://www.virustotal.com/gui/file/9000ce3c0e01b6c80edb3af87aad8117513ce334135aa7d7b1c2afa067f4c4ab/detection 
https://www.virustotal.com/gui/file/51d22872ffb0e9c455435db7371f7c6f9ae5e8c69a5c01146d4d7fafe387b6a0/detection https://app.any.run/tasks/579e7587-f09d-4aae-8b07-472833262965 https://github.com/Neo23x0/sigma/blob/master/rules/apt/apt_emissarypanda_sep19.yml https://twitter.com/cyb3rops/status/1168876457101332480 https://twitter.com/cyb3rops/status/1168872262042345474 https://twitter.com/cyb3rops/status/1168870104718893056 https://twitter.com/cyb3rops/status/1168869266973741058 https://twitter.com/cyb3rops/status/1168868788474978305 https://twitter.com/cyb3rops/status/1168868544576143365 https://twitter.com/cyb3rops/status/1168865388941197312 https://t.co/HSJwx7Em7h https://www.amazon.com/Chinese-Industrial-Espionage-Acquisition-Modernisation/dp/0415821428/ https://twitter.com/cyb3rops/status/1168863899531132929 https://t.co/vns3ecWjTR https://twitter.com/daphiel/status/1168803696534282241 https://twitter.com/cyb3rops/status/1168863341063888896 https://t.co/VscI9BkdCy https://www.virustotal.com/gui/file/fee067f6fe10f4d3f49fd082a2eb48619c4d43fc98bc689b3740cb862ff77d24/behavior/VirusTotal%20Jujubox https://twitter.com/cyb3rops/status/1168862328990961664 https://t.co/4JGVJeinyQ https://t.co/8lAcxkEybW https://news.ycombinator.com/item?id=12046056 https://twitter.com/bl4sty/status/1168786176393785344 https://twitter.com/cyb3rops/status/1168861072075440128 https://twitter.com/cyb3rops/status/1168854850773368837 https://twitter.com/cyb3rops/status/1168854554244517891 https://t.co/5G7kYIhCI5 https://web.br.de/interaktiv/winnti/english/ https://twitter.com/cyb3rops/status/1168850863089160192 https://twitter.com/cyb3rops/status/1168842090526269441 https://twitter.com/cyb3rops/status/1168840603528044544 https://twitter.com/cyb3rops/status/1168837558610157568 https://twitter.com/cyb3rops/status/1168835964619411458 https://t.co/sLANnWyOmL https://t.co/hmJNUr5C1g https://www.cert.ssi.gouv.fr/uploads/CERTFR-2019-ACT-009.pdf 
https://www.anomali.com/blog/suspected-north-korean-cyber-espionage-campaign-targets-multiple-foreign-ministries-and-think-tanks https://twitter.com/cyb3rops/status/1168821227085058048 https://t.co/1zvfXBnZEo https://github.com/Neo23x0/vti-dorks/blob/master/README.md https://twitter.com/cyb3rops/status/1168818849841655808 https://twitter.com/cyb3rops/status/1168815049294716928 https://twitter.com/cyb3rops/status/1168814721165856773 https://twitter.com/cyb3rops/status/1168814536775929856 https://twitter.com/cyb3rops/status/1168813696275103744 https://twitter.com/cyb3rops/status/1168810545446871040 https://twitter.com/cyb3rops/status/1168809803931668480 https://twitter.com/cyb3rops/status/1168808954778050565 https://twitter.com/cyb3rops/status/1168807707601772544 https://twitter.com/cyb3rops/status/1168806492507709440 https://twitter.com/cyb3rops/status/1168804394651049984 https://twitter.com/cyb3rops/status/1168801555753185280 https://twitter.com/cyb3rops/status/1168801197668655104 https://twitter.com/cyb3rops/status/1168798370590162944 https://t.co/iyD8vhl43a https://af.reuters.com/article/idAFKCN1VN12K https://twitter.com/cyb3rops/status/1168797937062875141 https://twitter.com/cyb3rops/status/1168797314871386112 https://twitter.com/cyb3rops/status/1168778034675146752 https://twitter.com/cyb3rops/status/1167810015832526849 https://twitter.com/cyb3rops/status/1167780845794537473 https://twitter.com/cyb3rops/status/1167779629207343111 https://twitter.com/cyb3rops/status/1167769065194250240 https://twitter.com/cyb3rops/status/1167749667154780161 https://twitter.com/cyb3rops/status/1167693975140077569 https://twitter.com/cyb3rops/status/1167691828839235584 https://twitter.com/cyb3rops/status/1167460787474051072 https://twitter.com/cyb3rops/status/1167422907791872001 https://t.co/z0uQiIbFSO https://twitter.com/thor_scanner/status/1167420719900368897 https://twitter.com/cyb3rops/status/1167419589225078784 https://twitter.com/cyb3rops/status/1167417222786142208 
https://twitter.com/cyb3rops/status/1167415322271473664 https://t.co/bcjJl88s6h https://gist.github.com/Neo23x0/f1bb645a4f715cb499150c5a14d82b44 https://twitter.com/cyb3rops/status/1167414998790037505 https://twitter.com/cyb3rops/status/1167413177216327680 https://twitter.com/cyb3rops/status/1167377866318913538 https://t.co/oUtyqlJxGB https://t.co/WlW05qVpHZ https://github.com/Neo23x0/sigma/blob/master/rules/proxy/proxy_ios_implant.yml https://twitter.com/craiu/status/1167358457344925696 https://twitter.com/cyb3rops/status/1167318166705303552 https://twitter.com/cyb3rops/status/1167138319857266689 https://t.co/cfG91IXCIh https://twitter.com/Binary_Newb/status/1167136847140507648 https://twitter.com/cyb3rops/status/1167027024944336897 https://t.co/yPkFoXO4R9 https://github.com/Neo23x0/sigma/tree/master/rules/proxy https://twitter.com/cyb3rops/status/1167023056532979714 https://twitter.com/cyb3rops/status/1167009464861569024 https://t.co/YpTyioUPVY https://threatvector.cylance.com/en_us/home/inside-the-apt28-dll-backdoor-blitz.html https://twitter.com/cyb3rops/status/1166735692665409536 https://t.co/oNxcrGdq5j https://t.co/5wj9iqPKTQ https://github.com/marcosd4h/sysmonx https://github.com/marcosd4h/sysmonx/blob/master/docs/slides/SysmonX_Blackhat_2019.pdf https://twitter.com/cyb3rops/status/1166667574689640448 https://twitter.com/cyb3rops/status/1166666622939127808 https://t.co/ojjzC7812h https://blog.nviso.be/2019/08/28/extracting-certificates-from-the-windows-registry/ https://twitter.com/cyb3rops/status/1166666398346747904 https://t.co/9ECHpohdrQ https://medium.com/@cyb3rops/how-to-write-good-tweets-445c39081627 https://twitter.com/cyb3rops/status/1166666086156328960 https://t.co/pJl7t8KAXP https://t.co/1EGpQKnEUQ https://github.com/phra/rustbuster https://twitter.com/michael_eder_/status/1166629786711670784 https://twitter.com/cyb3rops/status/1166598269369225216 https://t.co/6lhdPJ9DQ6 https://t.co/l6QsksjDdP https://t.co/vu6Kx8WfzO 
https://www.secureworks.com/blog/lyceum-takes-center-stage-in-middle-east-campaign https://www.virustotal.com/gui/domain/web-traffic.info/relations https://app.any.run/tasks/6cb14611-ad06-4799-97c0-78c21ee5eb20/ https://twitter.com/cyb3rops/status/1166392205621284864 https://twitter.com/cyb3rops/status/1166387924289630208 https://t.co/fl9hcoPa38 https://sec-consult.com/en/blog/2017/09/hack-the-hacker-fuzzing-mimikatz-on-windows-with-winafl-heatmaps-0day/ https://twitter.com/cyb3rops/status/1166386352730071042 https://t.co/fJscyotavy https://www.linkedin.com/in/6661620a/ https://twitter.com/cyb3rops/status/1166380209454690306 https://t.co/L3elgBdrRX https://github.com/BloodHoundAD/BloodHound/issues/267 https://twitter.com/cyb3rops/status/1166288063024324608 https://t.co/SkvvGMApOz https://otx.alienvault.com/pulse/5d64fbc282c35637154029fd https://twitter.com/cyb3rops/status/1166287025684779008 https://t.co/iqMxSK3SsY https://blog.trendmicro.com/trendlabs-security-intelligence/ta505-at-it-again-variety-is-the-spice-of-servhelper-and-flawedammyy/ https://twitter.com/cyb3rops/status/1166249127539290112 https://t.co/eumowJPV8G https://www.humblebundle.com/books/information-technology-security-books?partner=cyb3rops&charity=2330496 https://twitter.com/cyb3rops/status/1166244471022993413 https://t.co/PlcxeE6fEW https://github.com/Neo23x0/Loki/releases/ https://twitter.com/cyb3rops/status/1165966884115746816 https://twitter.com/cyb3rops/status/1165927443980529664 https://twitter.com/cyb3rops/status/1165252809262010368 https://t.co/UUvixh0Fx3 https://posts.specterops.io/what-the-helk-sigma-integration-via-elastalert-6edf1715b02 https://twitter.com/cyb3rops/status/1165231067848216577 https://t.co/YHCzMRT1nf https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_susp_csc_folder.yml https://twitter.com/cyb3rops/status/1165188299515936769 https://twitter.com/cyb3rops/status/1165186251261140997 https://t.co/riFXnwFkZ2 
https://en.wikipedia.org/wiki/Regular_expression https://twitter.com/cyb3rops/status/1165152202903773184 https://twitter.com/cyb3rops/status/1165015181459623937 https://twitter.com/cyb3rops/status/1165011439083499525 https://t.co/2iqjYiUz7t https://patzke.org/introducing-sigma-value-modifiers.html https://twitter.com/cyb3rops/status/1164665700880965633 https://twitter.com/cyb3rops/status/1164665368616558593 https://twitter.com/cyb3rops/status/1164571221373177857 https://twitter.com/cyb3rops/status/1164559340264677378 https://twitter.com/cyb3rops/status/1164539113120423937 https://twitter.com/cyb3rops/status/1164528276192268290 https://twitter.com/cyb3rops/status/1164526488336703489 https://twitter.com/cyb3rops/status/1164525519599284225 https://twitter.com/cyb3rops/status/1164518803763552257 https://twitter.com/cyb3rops/status/1164516198480039936 https://t.co/ceJcjkevMV https://t.co/lbcoH9wz09 https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_renamed_powershell.yml https://twitter.com/christophetd/status/1164506034720952320 https://twitter.com/cyb3rops/status/1164503487918616576 https://t.co/80LwlVUyIc https://tweetdeck.twitter.com/ https://twitter.com/cyb3rops/status/1164499989386747904 https://t.co/xbpEzrk0IP https://twitter.com/cyb3rops/lists/cyber/ https://twitter.com/cyb3rops/status/1164497968508088320 https://twitter.com/cyb3rops/status/1164497053009006592 https://twitter.com/cyb3rops/status/1164252205748301833 https://twitter.com/cyb3rops/status/1164225679711506432 https://twitter.com/cyb3rops/status/1164211883072729090 https://twitter.com/cyb3rops/status/1164193118931103744 https://twitter.com/cyb3rops/status/1164179195443994624 https://t.co/9ECHpohdrQ https://medium.com/@cyb3rops/how-to-write-good-tweets-445c39081627 https://twitter.com/cyb3rops/status/1164089423249707009 https://twitter.com/cyb3rops/status/1164084469613117441 https://twitter.com/cyb3rops/status/1164083426456158208 https://t.co/Lhmmh6mQZK 
https://twitter.com/thor_scanner/status/1164082737990578182 https://twitter.com/cyb3rops/status/1164077693459210240 https://twitter.com/cyb3rops/status/1163773246581460993 https://twitter.com/cyb3rops/status/1163757977842671617 https://twitter.com/cyb3rops/status/1163731753430913024 https://twitter.com/cyb3rops/status/1163723658667483136 https://twitter.com/cyb3rops/status/1163714284163084289 https://t.co/2iqjYiUz7t https://patzke.org/introducing-sigma-value-modifiers.html https://twitter.com/cyb3rops/status/1163712031473786880 https://twitter.com/cyb3rops/status/1163706040166338560 https://twitter.com/cyb3rops/status/1162634566852665344 https://t.co/Jp2itKBnHt https://github.com/secrary/DrSemu https://twitter.com/cyb3rops/status/1162473285566836737 https://t.co/v9Nn18Hak2 https://github.com/Neo23x0/sigma/tree/master/rules/windows https://twitter.com/cyb3rops/status/1161317096279687169 https://twitter.com/cyb3rops/status/1161316470393057281 https://t.co/DluY0hTT4z https://www.nextron-systems.com/2019/06/11/thor-10-fusion-major-changes/ https://twitter.com/cyb3rops/status/1161315083164762112 https://t.co/rRRhAHYZ7N https://t.co/Dd3h4pF5Zs https://t.co/sb30T22uls https://t.co/sB087oq57t https://app.any.run/tasks/ab08f1d9-bad3-4383-8137-7eed11c3a760/ https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_office_shell.yml https://app.any.run/tasks/0cc8cef2-cc65-41c2-9242-35eea7f69dbf/ https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_exploit_cve_2017_11882.yml https://twitter.com/cyb3rops/status/1161298928773554177 https://twitter.com/cyb3rops/status/1161298029347053569 https://t.co/NVaxZcu1nf https://twitter.com/blubbfiction/status/1157045645435449344 https://twitter.com/cyb3rops/status/1161296150726680576 https://twitter.com/cyb3rops/status/1161244459738308609 https://twitter.com/cyb3rops/status/1161202618611458048 https://t.co/Boa9DwdkWS https://github.com/Neo23x0/sigma/ 
https://twitter.com/cyb3rops/status/1161166428155916288 https://t.co/tcbk7s60PQ https://t.co/2RPEs63IgC https://miriamxyra.com/2018/08/28/eventlist-the-baseline-event-analyzer/ https://twitter.com/MiriamXyra/status/1138176505798889473 https://twitter.com/cyb3rops/status/1160912192369233921 https://t.co/XzAab3Kzrn https://securelist.com/recent-cloud-atlas-activity/92016/ https://twitter.com/cyb3rops/status/1160286563605106688 https://twitter.com/cyb3rops/status/1159882534697799680 https://t.co/bMrfdt0jmP https://t.co/6vBBaSs23I http://coderpad.ru http://hackertyper.com https://twitter.com/cyb3rops/status/1159805885650296839 https://twitter.com/cyb3rops/status/1159801063295410176 https://t.co/bvwpRcsY9h https://t.co/jkqo9UfIYA http://geektyper.com/ http://coderpad.ru/ https://twitter.com/cyb3rops/status/1159711187363348480 https://t.co/1L0NEQrlPS https://github.com/Neo23x0/signature-base/blob/master/yara/gen_cert_payloads.yar https://twitter.com/cyb3rops/status/1159695768728547328 https://twitter.com/cyb3rops/status/1159407420373905409 https://twitter.com/cyb3rops/status/1159401027759759360 https://t.co/xmAoQAYEVz https://www.fortinet.com/blog/threat-research/chinese-targeted-trojan-analysis.html https://twitter.com/cyb3rops/status/1159360284231962624 https://t.co/FflPlCtNgx https://github.com/Neo23x0/signature-base/blob/master/yara/apt_apt41.yar https://twitter.com/cyb3rops/status/1159353806691459073 https://twitter.com/cyb3rops/status/1159212304862470146 https://t.co/03nBi8Ywj2 https://blogs.jpcert.or.jp/en/2019/07/spear-phishing-against-cryptocurrency-businesses.html https://twitter.com/cyb3rops/status/1159211960736632832 https://t.co/OMEvVePHag https://securityaffairs.co/wordpress/89586/apt/oilrig-apt-techniques-evolution.html https://twitter.com/cyb3rops/status/1159211227639353346 https://t.co/3Bz7lpjNGo http://wsj.com/articles/high-level-cyber-intrusions-hit-bahrain-amid-tensions-with-iran-11565202488 https://twitter.com/cyb3rops/status/1159180532607066118 
https://twitter.com/cyb3rops/status/1158992765117698048 https://twitter.com/cyb3rops/status/1158991647029497856 https://twitter.com/cyb3rops/status/1158991218396880898 https://twitter.com/cyb3rops/status/1158990082973536256 https://twitter.com/cyb3rops/status/1158987391455178752 https://twitter.com/cyb3rops/status/1158855820932784129 https://twitter.com/cyb3rops/status/1158764030951067648 https://twitter.com/cyb3rops/status/1158762270081654784 https://twitter.com/cyb3rops/status/1158661606433337344 https://twitter.com/cyb3rops/status/1158660906626244608 https://twitter.com/cyb3rops/status/1158660279825252352 https://twitter.com/cyb3rops/status/1158460171510792192 https://t.co/18L62fO9Gd https://github.com/Neo23x0/Fenrir https://twitter.com/cyb3rops/status/1158372366004760576 https://t.co/jeoqheaHj1 https://github.com/Neo23x0/signature-base/blob/master/yara/gen_google_anomaly.yar https://twitter.com/cyb3rops/status/1157959774497116162 https://t.co/EcgKal2jcF https://t.co/Ep1PnKAgBH http://GitHub.com https://www.zdnet.com/article/github-sued-for-aiding-hacking-in-capital-one-breach/ https://twitter.com/cyb3rops/status/1157959009221185536 https://twitter.com/cyb3rops/status/1157948888810233856 https://t.co/Pl8I4O8arj https://t.co/DzklM0hGLB https://www.bleepingcomputer.com/news/security/why-everyone-should-disable-vssadmin-exe-now/ https://docs.google.com/spreadsheets/d/e/2PACX-1vRCVzG9JCzak3hNqqrVCTQQIzH0ty77BWiLEbDu-q9oxkhAamqnlYgtQ4gF85pF6j6g3GmQxivuvO1U/pubhtml https://twitter.com/cyb3rops/status/1157946661030809600 https://t.co/trO6BZYqGL https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_ransomware_shadowcopy.yml https://twitter.com/cyb3rops/status/1157659035778392064 https://twitter.com/cyb3rops/status/1157232439342899200 https://t.co/33vXrlmugp https://twitter.com/nshcthreatrecon/status/1157185725957210112 https://twitter.com/cyb3rops/status/1156887382802731008 https://twitter.com/cyb3rops/status/1156673968843177984 
https://t.co/P6qaZ1RQD6 https://github.com/elastic/ecs https://twitter.com/cyb3rops/status/1156616122218754048 https://twitter.com/cyb3rops/status/1156614016741126146 https://twitter.com/cyb3rops/status/1156610159977873410 https://twitter.com/cyb3rops/status/1156599722326528009 https://t.co/8qsaFLT8HL https://www.virustotal.com/gui/file/4417cc080e421e3cd9e318073d2c0d1c865b309dfae573386df20abeb7667efb/details https://twitter.com/cyb3rops/status/1156171610153463808 https://t.co/0XbdjoyC8m https://somafm.com/defcon/ https://twitter.com/cyb3rops/status/1156170953119948802 https://t.co/ji1zZxscL7 https://pilotpriest.bandcamp.com/album/lost-boy https://twitter.com/cyb3rops/status/1155920572217462785 https://twitter.com/cyb3rops/status/1155839926216339458 https://twitter.com/cyb3rops/status/1155796614860214273 https://twitter.com/cyb3rops/status/1155788514363158528 https://twitter.com/cyb3rops/status/1155788026724921344 https://t.co/7G307cgzda https://my.socprime.com/en/tdm-developers/ https://twitter.com/cyb3rops/status/1155739992964120576 https://t.co/qU673QN3vl https://tdm.socprime.com/ https://twitter.com/cyb3rops/status/1155075207826202624 https://t.co/rVOO7ZHJZa https://news.yahoo.com/shadow-force-the-secret-history-of-the-us-intelligence-communitys-battle-with-irans-revolutionary-guard-090000959.html?guce_referrer=aHR0cHM6Ly90LmNvLzlMYTFrSVFiM00&guce_referrer_sig=AQAAAEgabO4Mj8vf1QWIawTv1RucFkxt-dv3E_UHVONrLGqSvWaoHfQzqnMwX0DZpPCyAm6H_Ml-hzjgmAj0QHlyDv-dLxRqQ2JXzAlG4r2VG5mkNqvClIuaVcNhngYtctA1AcqxQBIv8Q1-CX4EC6vEejjCrkjaIZ9v3SkO1pGKQxd8&guccounter=2 https://twitter.com/cyb3rops/status/1154750338919993346 https://t.co/s0jcLsFOVa https://t.co/mG9QOKriOE https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_alert_ruler.yml https://github.com/Neo23x0/sigma/blob/master/rules/proxy/proxy_ua_hacktool.yml#L62 https://twitter.com/cyb3rops/status/1154682716983582720 https://twitter.com/cyb3rops/status/1154448155796267008 https://t.co/4Xt3aPs07t 
https://threatrecon.nshc.net/2019/07/25/growth-of-sectorf01-groups-cyber-espionage-activities/ https://twitter.com/cyb3rops/status/1154298745842020354 https://twitter.com/cyb3rops/status/1154297423537344518 https://twitter.com/cyb3rops/status/1154296446730027008 https://twitter.com/cyb3rops/status/1154295918671347712 https://twitter.com/cyb3rops/status/1154294461519859713 https://twitter.com/cyb3rops/status/1154293694532599808 https://twitter.com/cyb3rops/status/1154293064221024256 https://twitter.com/cyb3rops/status/1154083984315432962 https://t.co/xtx3QOTm52 https://en.wikipedia.org/wiki/Plausible_deniability https://twitter.com/cyb3rops/status/1154077713847771137 https://twitter.com/cyb3rops/status/1154076759664578561 https://twitter.com/cyb3rops/status/1154074564625948678 https://twitter.com/cyb3rops/status/1154068983403995136 https://t.co/Tfb2RiufDg https://t.co/XdJoVTHSmF https://www.secureworks.com/research/updated-karagany-malware-targets-energy-sector https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_susp_procdump.yml https://twitter.com/cyb3rops/status/1154067031697842177 https://t.co/m70E0EoYOh https://www.secureworks.com/research/mcmd-malware-analysis https://twitter.com/cyb3rops/status/1154066859098038272 https://t.co/mQWcZs0Kue https://t.co/a70LcSnnoF https://www.virustotal.com/gui/file/1457b6cc60c304c14002b45764214285bc9b33715a8e5edacb613a49654e38b6/detection https://pastebin.com/aZxctE2f https://twitter.com/cyb3rops/status/1154064338392666114 https://t.co/Tfb2RiufDg https://www.secureworks.com/research/updated-karagany-malware-targets-energy-sector https://twitter.com/cyb3rops/status/1154059119835385858 https://t.co/DeWLbnpRqT https://www.secureworks.com/research/resurgent-iron-liberty-targeting-energy-sector https://twitter.com/cyb3rops/status/1153989462118060032 https://twitter.com/cyb3rops/status/1153983440871669761 https://t.co/Y4pi79OqLE https://t.co/mHZDQamp6m 
https://www.virustotal.com/gui/file/bc04c72f6dff747e0da3a31cba9611676020e2b4a1dad0c3516d139d6f6d6545/detection https://www.virustotal.com/gui/file/92c37c829dac8f6d277ae4b72b926e82f54ed8fc1b61885d7d7d92fd8417b99f/detection https://twitter.com/cyb3rops/status/1153963401124728832 https://t.co/FjmG43yVDm https://github.com/Neo23x0/munin https://twitter.com/cyb3rops/status/1153925893703831553 https://t.co/O520Hgw2aq https://medium.com/@Sebdraven/winnti-uses-the-rtf-exploit-8-t-too-targets-vietnam-13300d432272 https://twitter.com/cyb3rops/status/1153901056105091072 https://t.co/5G7kYIhCI5 https://web.br.de/interaktiv/winnti/english/ https://twitter.com/cyb3rops/status/1153540750514302977 https://twitter.com/cyb3rops/status/1153368442940141575 https://twitter.com/cyb3rops/status/1153337229961498624 https://twitter.com/cyb3rops/status/1153336643929235457 https://twitter.com/cyb3rops/status/1153333468480311296 https://twitter.com/cyb3rops/status/1153236903988211712 https://twitter.com/cyb3rops/status/1153224357868711936 https://t.co/S6XYcRGhd5 https://www.virustotal.com/gui/file/c40efeef9b9d52cbce91484d583b515995184ac0bd6abccfb0a77eff9e0f5072/detection https://twitter.com/cyb3rops/status/1153223038441283584 https://t.co/KYGsptCy3T https://www.virustotal.com/gui/file/14ccf43c3f68f9c3fb09836d2983c9365e37eb8f367a507eb357085028718cea/details https://twitter.com/cyb3rops/status/1153217064829706240 https://twitter.com/cyb3rops/status/1153200148937347072 https://twitter.com/cyb3rops/status/1153197029994192896 https://twitter.com/cyb3rops/status/1152889767648010240 https://twitter.com/cyb3rops/status/1152885515764543489 https://t.co/6AxY8xnin2 https://t.co/ibuFWj2auH https://github.com/Neo23x0/signature-base/blob/master/yara/gen_powershell_obfuscation.yar#L41 https://docs.google.com/spreadsheets/d/1ywzx3YPLDI__NMDgn5j6VVBFOvSA0wXuUiqPe8fkMbY/edit#gid=1668018166 https://twitter.com/cyb3rops/status/1152534688965308416 https://t.co/Qp1vGRjSUZ 
https://www.dev-point.com/vb/threads/690064/ https://twitter.com/cyb3rops/status/1152109534544052224 https://t.co/0MXIXE4Dny https://www.fireeye.com/blog/threat-research/2019/07/hard-pass-declining-apt34-invite-to-join-their-professional-network.html https://twitter.com/cyb3rops/status/1151876690890690560 https://twitter.com/cyb3rops/status/1151870303288594432 https://twitter.com/cyb3rops/status/1151107447156891651 https://twitter.com/cyb3rops/status/1151103432977260547 https://t.co/YSFkJlM2ir https://www.fireeye.com/blog/threat-research/2019/05/learning-to-rank-strings-output-for-speedier-malware-analysis.html https://twitter.com/cyb3rops/status/1151042696074674176 https://t.co/2IFKchonWv https://speakerdeck.com/heirhabarov/hunting-for-privilege-escalation-in-windows-environment https://twitter.com/cyb3rops/status/1151039232477192192 https://t.co/rpJ8UoxeyV https://blog.alyac.co.kr/2418 https://twitter.com/cyb3rops/status/1151025215570358272 https://twitter.com/cyb3rops/status/1150739439582363649 https://t.co/SejzcvjqjM https://github.com/Neo23x0/signature-base/blob/master/yara/gen_susp_office_dropper.yar#L97 https://twitter.com/cyb3rops/status/1150709935719833600 https://twitter.com/cyb3rops/status/1150484555566129154 https://twitter.com/cyb3rops/status/1150338850478284800 https://t.co/bXN6vCvBh0 https://github.com/Neo23x0/sigma/wiki/Fields:-Processes https://twitter.com/cyb3rops/status/1150315962501095424 https://twitter.com/cyb3rops/status/1149716250181984257 https://twitter.com/cyb3rops/status/1149633648007639041 https://t.co/lKtUdNqg8k https://t.co/UWJf9mYLGu https://blog.thinkst.com/p/canarytokensorg-quick-free-detection.html https://canarytokens.org/generate https://twitter.com/cyb3rops/status/1147224668920852480 https://t.co/E9yTH8h2ww https://www.nist.gov/software-quality-group/national-software-reference-library-nsrl https://twitter.com/cyb3rops/status/1147156316147933184 https://t.co/Z138B883cl 
https://malpedia.caad.fkie.fraunhofer.de/details/win.abaddon_pos https://twitter.com/cyb3rops/status/1147104226142773249 https://twitter.com/cyb3rops/status/1147053942133665792 https://twitter.com/cyb3rops/status/1146461681712848896 https://twitter.com/cyb3rops/status/1146456194955010048 https://t.co/aZFKC3GUrq https://twitter.com/thor_scanner/status/1146452257371824129 https://twitter.com/cyb3rops/status/1146428358726750209 https://twitter.com/cyb3rops/status/1146357150366740482 https://t.co/BfGe6lcorU https://twitter.com/markus_neis/status/1144108539507564544 https://twitter.com/cyb3rops/status/1145949159851270145 https://t.co/wjkovwAxIY https://threatvector.cylance.com/en_us/home/threat-spotlight-ratsnif-new-network-vermin-from-oceanlotus.html https://twitter.com/cyb3rops/status/1144524782861467648 https://t.co/dnUwIbWrYN https://www.opencti.io/en/ https://twitter.com/cyb3rops/status/1144507933717405699 https://t.co/OOJAy2EvK1 https://dnstwister.report/ https://twitter.com/cyb3rops/status/1144503527588450304 https://twitter.com/cyb3rops/status/1144213089195384834 https://twitter.com/cyb3rops/status/1144212355582242817 https://twitter.com/cyb3rops/status/1144211061874352128 https://twitter.com/cyb3rops/status/1144204180606922752 https://twitter.com/cyb3rops/status/1143989459081408513 https://twitter.com/cyb3rops/status/1143938516113641472 https://twitter.com/cyb3rops/status/1143914542298206211 https://t.co/wFEkr8mo8S https://www.virustotal.com/gui/file/006e8b54f614fcad4ecc5ccbcd8e4f7601deedeaba5d826b6451687fca348b45/detection https://twitter.com/cyb3rops/status/1143906160694779904 https://twitter.com/cyb3rops/status/1143904641165484032 https://t.co/0yvjYmb2nf https://twitter.com/cyb3rops/status/1112760057425551360 https://twitter.com/cyb3rops/status/1143897034866475009 https://twitter.com/cyb3rops/status/1143895032962977792 https://t.co/K2CFk0kgYE https://www.cyberscoop.com/apt33-saudi-iran-symantec-recorded-future/ 
https://twitter.com/cyb3rops/status/1143882315652841472 https://t.co/YWsbvxBCqa https://t.co/tcMU3f1EgA https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_susp_double_extension.yml https://blu3-team.blogspot.com/2019/06/misleading-extensions-xlsexe-docexe.html https://twitter.com/cyb3rops/status/1143878784606715904 https://t.co/v8tv4yyTA3 https://www.reuters.com/investigates/special-report/china-cyber-cloudhopper/ https://twitter.com/cyb3rops/status/1143878050532208640 https://twitter.com/cyb3rops/status/1143266492793991169 https://t.co/xPSqtwc7M2 https://medium.com/@cyb3rops/the-newcomers-guide-to-cyber-threat-actor-naming-7428e18ee263 https://twitter.com/cyb3rops/status/1142815398691295233 https://twitter.com/cyb3rops/status/1142812304964276231 https://twitter.com/cyb3rops/status/1142712740135522305 https://twitter.com/cyb3rops/status/1142476925681766406 https://t.co/qkBB4z6FlE https://xkcd.com/2166/ https://twitter.com/cyb3rops/status/1142461140947128323 https://t.co/yEMhTh0q8M https://t.co/La5DYdK75k https://t.co/KEbalHunnw https://www.obdev.at/products/littlesnitch/download.html https://objective-see.com/products/blockblock.html https://objective-see.com/products/reikey.html https://twitter.com/cyb3rops/status/1142433048056782851 https://t.co/YFu5FP1Lff https://t.co/JBP9gz9i01 https://t.co/aoWAZgYsek https://ninite.com/ https://www.glasswire.com/ https://www.oo-software.com/en/shutup10 https://twitter.com/cyb3rops/status/1142426047927005184 https://t.co/aoWAZgYsek https://www.oo-software.com/en/shutup10 https://twitter.com/cyb3rops/status/1142313668929105922 https://t.co/z7fCaQDarh https://news.yahoo.com/pentagon-secretly-struck-back-against-iranian-cyber-spies-targeting-us-ships-234520824.html https://twitter.com/cyb3rops/status/1142062192289820675 https://twitter.com/cyb3rops/status/1142056831373717507 https://t.co/8mp2QaBfGM https://www.wired.com/story/iran-hackers-us-phishing-tensions/ 
https://twitter.com/cyb3rops/status/1141711876532899845 https://t.co/pu1XH4fr75 https://t.co/58WX7IDxd9 https://norfolkinfosec.com/emissary-panda-http-listener/ https://www.virustotal.com/gui/file/66893ab83a7d4e298720da28cd2ea4a860371ae938cdd86035ce920b933c9d85/community https://twitter.com/cyb3rops/status/1141674743344566272 https://t.co/xLYBh54kiu https://t.co/B3xrbQAJ2M https://www.virustotal.com/gui/file/595a54f0bbf297041ce259461ae8a12f37fb29e5180705eafb3668b4a491cecc/details https://www.virustotal.com/gui/search/signature%253AMicrosoft%25C2%25AE%2520Windows%25C2%25AE%2520Operation%2520System/files https://twitter.com/cyb3rops/status/1141479844011794433 https://twitter.com/cyb3rops/status/1140979829925396480 https://t.co/y4aipTc5gw https://www.nextron-systems.com/thor/ https://twitter.com/cyb3rops/status/1140934366924816384 https://twitter.com/cyb3rops/status/1140721985879715842 https://t.co/K0M8GyuzPq https://www.nextron-systems.com/get-a-quote/ https://twitter.com/cyb3rops/status/1140683844259069954 https://t.co/8yQBtVxj89 https://www.humblebundle.com/books/programming-packt-books?partner=cyb3rops https://twitter.com/cyb3rops/status/1140606020542226433 https://t.co/uK5uASVeKr https://securityintelligence.com/posts/observations-of-itg07-cyber-operations/ https://twitter.com/cyb3rops/status/1140578579304144896 https://t.co/Rm495d2Eqw https://blog.eutopian.io/apt34-tools-leak/ https://twitter.com/cyb3rops/status/1140179123136028672 https://t.co/agV3R6TOo7 https://t.co/J0Iz68qlqf https://www.linkedin.com/in/martijn-van-der-heide-056aa495/ https://www.dropbox.com/s/ds0ra0c8odwsv3m/Threat%20Group%20Cards.pdf?dl=0 https://twitter.com/cyb3rops/status/1139952844751167488 https://twitter.com/cyb3rops/status/1139930744904658945 https://twitter.com/cyb3rops/status/1139910516158226433 https://twitter.com/cyb3rops/status/1139501341326360578 https://t.co/yNIuDTmiOh https://sourceforge.net/p/winexe/wiki/Home/ https://twitter.com/cyb3rops/status/1139180835926679552 
https://t.co/kAIvBatRQ0 https://www.zdnet.com/article/ransomware-halts-production-for-days-at-major-airplane-parts-manufacturer/ https://twitter.com/cyb3rops/status/1138908340669562881 https://twitter.com/cyb3rops/status/1138809525874634753 https://twitter.com/cyb3rops/status/1138800235168370695 https://twitter.com/cyb3rops/status/1138797162697912320 https://t.co/8789SRUpIW https://www.virustotal.com/gui/file/3462e05a781118ca13e49d1a0c6d6fc63a502938e06102c4d41f9a36b655561c/details https://twitter.com/cyb3rops/status/1138535855142948865 https://t.co/nxk0JL5QvI https://blog.preempt.com/security-advisory-critical-vulnerabilities-in-ntlm https://twitter.com/cyb3rops/status/1138351079601639424 https://t.co/bfAeLofdRy https://0xffff0800.blogspot.com/2019/06/a-muddywater-cyber-spy.html https://twitter.com/cyb3rops/status/1138349881272283136 https://t.co/XxHRr7hZKV https://blog.trendmicro.com/trendlabs-security-intelligence/muddywater-resurfaces-uses-multi-stage-backdoor-powerstats-v3-and-new-post-exploitation-tools/ https://twitter.com/cyb3rops/status/1136866775151403008 https://t.co/ECdGMjkA6o https://t.co/O2qyXdSFlq http://hybrid-analysis.blogspot.com/2019/06/new-feature-upload-your-collections-of.html https://twitter.com/miller_itsec/status/1136758762537201665 https://twitter.com/cyb3rops/status/1136555993599488000 https://twitter.com/cyb3rops/status/1136555706767814656 https://t.co/sOXSc6xxEi https://github.com/Neo23x0/signature-base/blob/9c1aff0963bb80e634a03f7867bda129d978ec86/yara/thor_inverse_matches.yar https://twitter.com/cyb3rops/status/1136525216685973506 https://twitter.com/cyb3rops/status/1136161798229565440 https://t.co/tCbLhvU8FR https://speakerdeck.com/ashley920/into-the-fog-the-return-of-icefog-apt https://twitter.com/cyb3rops/status/1136159503697817600 https://t.co/va882rzBSb https://www.bbc.com/news/business-48508192 https://twitter.com/cyb3rops/status/1135945140118458368 https://twitter.com/cyb3rops/status/1135816413258690560 https://t.co/vZi3cWCS52 
https://www.amazon.co.uk/GCHQ-Puzzle-Book/dp/0718185544 https://twitter.com/cyb3rops/status/1135802646143668224 https://twitter.com/cyb3rops/status/1135801385960841216 https://twitter.com/cyb3rops/status/1135555743724331008 https://twitter.com/cyb3rops/status/1135435817046986752 https://twitter.com/cyb3rops/status/1135433772650962944 https://t.co/T96lbc6Vjo https://mp.weixin.qq.com/s/3ZQhn32NB6p-LwndB2o2zQ https://twitter.com/cyb3rops/status/1135161262466371584 https://t.co/Wxts0MEoTJ https://t.co/RIUpeZxvaP https://t.co/dPI6545Nqy https://t.co/GNq62tOcEQ https://t.co/VJq1V4DcDp https://www.virustotal.com/gui/file/397385aa67bb548443b8bc7f919c8f1f137be07bcf977688c0b223dfd0e4a4fa/detection https://www.hybrid-analysis.com/sample/397385aa67bb548443b8bc7f919c8f1f137be07bcf977688c0b223dfd0e4a4fa?environmentId=120 https://www.secureworks.com/research/a-peek-into-bronze-unions-toolbox https://www.virustotal.com/gui/file/e750bced4ebaca047687d6838f38cc2ea3708b894f569f1f8a9717520f76fe90/detection https://www.virustotal.com/gui/file/1c64aa7d3a255d298ccff89b1cea739ef75f94f9112f1dfb9e93ada6d32182b8/details https://twitter.com/cyb3rops/status/1135118695666200577 https://twitter.com/cyb3rops/status/1135109107592126465 https://t.co/trO6BZYqGL https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_ransomware_shadowcopy.yml https://twitter.com/cyb3rops/status/1135094604439724032 https://t.co/jYZM9jStdG https://t.co/V5oraN5FEj https://t.co/1j6Rht66DK https://github.com/Neo23x0/sigma/commit/5e7ae0590c392c980f05c09c948bf4b2e09908be https://www.hybrid-analysis.com/sample/593887fe4ed35fb8ebec7faaa0c884354f454d42180cd5c27e91d01bec40f95d?environmentId=100 https://www.hybrid-analysis.com/sample/7d98972d5c78e1d4969da76856d6818942b606c267efa67fd31d39ae77497e9c?environmentId=100 https://twitter.com/cyb3rops/status/1135092440677933056 https://t.co/NZteL139Vi https://t.co/o9tVLDg8SN 
https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_rdp_bluekeep_poc_scanner.yml https://twitter.com/AdamTheAnalyst/status/1134394070045003776 https://twitter.com/cyb3rops/status/1133785706336272390 https://twitter.com/cyb3rops/status/1133756132437184512 https://twitter.com/cyb3rops/status/1133716256610242561 https://t.co/UrYuSZIXRq https://blogs.technet.microsoft.com/peterfi/2008/01/11/mstsc-console-is-now-mstsc-admin/ https://twitter.com/cyb3rops/status/1133715021391892480 https://twitter.com/cyb3rops/status/1133714450459058177 https://t.co/6PhmjI47Gw https://attack.mitre.org/techniques/T1015/ https://twitter.com/cyb3rops/status/1133640563562078208 https://twitter.com/cyb3rops/status/1133270775807520768 https://t.co/Xe9VRtpXc5 https://www.humblebundle.com/books/hacking-no-starch-press-books?partner=cyb3rops https://twitter.com/cyb3rops/status/1133061362496745473 https://twitter.com/cyb3rops/status/1132972164959866880 https://twitter.com/cyb3rops/status/1132634359809359873 https://twitter.com/cyb3rops/status/1132627101587312640 https://twitter.com/cyb3rops/status/1132618967791656961 https://t.co/B0flABVlCw https://t.co/p14xBzYOr4 https://psychology.stackexchange.com/questions/546/is-decision-making-emotionally-based-with-rationalization-as-the-only-conscious https://www.cia.gov/library/center-for-the-study-of-intelligence/csi-publications/books-and-monographs/psychology-of-intelligence-analysis/index.html https://twitter.com/cyb3rops/status/1132601723623825409 https://twitter.com/cyb3rops/status/1132560647475146752 https://twitter.com/cyb3rops/status/1132558946345127936 https://t.co/linz1GhBkb https://www.virustotal.com/gui/file/8081ab52c36204cbce0a746066f4845afa55e35f21aa3d826175536986508917/community https://twitter.com/cyb3rops/status/1132209586235219968 https://twitter.com/cyb3rops/status/1132180163809206272 https://twitter.com/cyb3rops/status/1132174453838929920 https://t.co/PuylVfLuRZ https://pastebin.com/X1Rsk7qm 
https://twitter.com/cyb3rops/status/1132173547546271749 https://twitter.com/cyb3rops/status/1131990835267088384 https://t.co/Ynno5veoUE https://gchq.github.io/CyberChef/#recipe=From_Hex('%5C%5Cx')&input=XHg3NFx4NjhceDY5XHg3Mw https://twitter.com/cyb3rops/status/1131944049869565952 https://twitter.com/cyb3rops/status/1131931674726608896 https://t.co/8AzYRmUfq4 https://t.co/n856OnuXFa https://t.co/Ps2krhzqhv https://pastebin.com/ej8maNrP https://pastebin.com/NCGTq5p0 https://blog.ensilo.com/uncovering-new-activity-by-apt10 https://twitter.com/cyb3rops/status/1131917727415902208 https://t.co/Ps2krhzqhv https://blog.ensilo.com/uncovering-new-activity-by-apt10 https://twitter.com/cyb3rops/status/1131839229066121216 https://t.co/suxpxvHnx7 https://app.any.run/submissions/#filehash:72f78276ea06649556c3beaa5a53f1b3faa5e4b2fe094f1e84cc959c70139c02 https://twitter.com/cyb3rops/status/1131794189140791298 https://twitter.com/cyb3rops/status/1131555791595614208 https://twitter.com/cyb3rops/status/1131488969546452992 https://twitter.com/cyb3rops/status/1131269296980729856 https://twitter.com/cyb3rops/status/1131267429538127874 https://twitter.com/cyb3rops/status/1131232819471106048 https://twitter.com/cyb3rops/status/1131221180608856064 https://twitter.com/cyb3rops/status/1131215050759446528 https://twitter.com/cyb3rops/status/1131198872615886848 https://twitter.com/cyb3rops/status/1131177114781278209 https://t.co/NsiT3Uc6gN https://t.co/4E2kuZiTbD https://t.co/RFw7HP64hy https://t.co/FZyyldwS5z https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_termserv_proc_spawn.yml https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_susp_rdp.yml https://github.com/nccgroup/Cyber-Defence/blob/master/Signatures/suricata/2019_05_rdp_cve_2019_0708.txt https://github.com/zerosum0x0/CVE-2019-0708 https://twitter.com/cyb3rops/status/1131118489052372993 https://t.co/NsiT3Uc6gN 
https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_termserv_proc_spawn.yml https://twitter.com/cyb3rops/status/1131107003726815232 https://t.co/0KWGasf5CS https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/rdp-stands-for-really-do-patch-understanding-the-wormable-rdp-vulnerability-cve-2019-0708/ https://twitter.com/cyb3rops/status/1130855274980339712 https://twitter.com/cyb3rops/status/1130851654327123969 https://twitter.com/cyb3rops/status/1130845638374043649 https://t.co/SHEM6RcACA https://www.sans.org/cyber-security-summit/archives/file/summit-archive-1492186586.pdf https://twitter.com/cyb3rops/status/1130845076668608519 https://twitter.com/cyb3rops/status/1130836315996602368 https://twitter.com/cyb3rops/status/1130823198394769409 https://twitter.com/cyb3rops/status/1130822208836837376 https://twitter.com/cyb3rops/status/1130747925242482688 https://t.co/tUhC4uvnwM https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_renamed_psexec.yml https://twitter.com/cyb3rops/status/1130191856283869185 https://twitter.com/cyb3rops/status/1130016407280865280 https://twitter.com/cyb3rops/status/1129676526721671169 https://t.co/iXVaHHEJTe https://github.com/bitsadmin/wesng https://twitter.com/cyb3rops/status/1129664044795924480 https://twitter.com/cyb3rops/status/1129662947373006848 https://twitter.com/cyb3rops/status/1129655356706217984 https://t.co/aBU378iSjy https://t.co/X2rD4pms3w https://www.hybrid-analysis.com/yara-search/results/eed29e6f2e4c3367bcada5dc622a47faaec480920404793516109895bb771d17 https://www.hybrid-analysis.com/sample/7a7b1b6beeb50647a06cc03131a703e3322bf170a880efc92911c2d9a5543ed0?environmentId=120 https://twitter.com/cyb3rops/status/1129653190444703744 https://t.co/4zaelObdfB https://www.virustotal.com/gui/file/ab8c93b24767c43559c03da63bb8275aa1e7babb36dc2ec3719c55b973b1f823/detection https://twitter.com/cyb3rops/status/1129647994603790338 https://t.co/x3D2OMm752 
https://www.virustotal.com/gui/search/content%253A%2522c%253A%255CUsers%255Cuser%255CDesktop%255Copenssl-1.0.1e_m%255C%252Fssl%252Fcert.pem%2522/files https://twitter.com/cyb3rops/status/1129646332313055233 https://t.co/fnHmnOOjU3 https://analyze.intezer.com/#/analyses/580404ea-4196-4783-9e37-9ca068bbc264 https://twitter.com/cyb3rops/status/1129645262887149570 https://t.co/eVlVSpdaPQ https://t.co/6aX8rW2PMS https://www.virustotal.com/gui/file/b40909ac0b70b7bd82465dfc7761a6b4e0df55b894dd42290e3f72cb4280fa44/detection https://www.virustotal.com/gui/file/80548416ffb3d156d3ad332718ed322ef54b8e7b2cc77a7c5457af57f51d987a/details https://twitter.com/cyb3rops/status/1129463451494092800 https://twitter.com/cyb3rops/status/1129463333604732928 https://twitter.com/cyb3rops/status/1129462994730127361 https://twitter.com/cyb3rops/status/1129386568190517257 https://twitter.com/cyb3rops/status/1129378517198745600 https://t.co/PkzcEMVy1n https://www.spiegel.de/plus/teamviewer-wie-hacker-das-deutsche-vorzeige-start-up-ausspionierten-a-00000000-0002-0001-0000-000163955857 https://twitter.com/cyb3rops/status/1128760158551707654 https://twitter.com/cyb3rops/status/1128752997339750401 https://twitter.com/cyb3rops/status/1128749925490135041 https://twitter.com/cyb3rops/status/1128747354406948874 https://t.co/4E2kuZiTbD https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_susp_rdp.yml https://twitter.com/cyb3rops/status/1128725509289009153 https://t.co/ed7bo5VqvP https://t.co/0DsxjbtJsQ https://medium.com/chronicle-blog/winnti-more-than-just-windows-and-gates-e4f03436031a https://github.com/Neo23x0/signature-base/blob/master/yara/apt_winnti_linux.yar https://twitter.com/cyb3rops/status/1128705749557874688 https://t.co/FaHPaX0g9d https://threatvector.cylance.com/en_us/home/reaver-mapping-connections-between-disparate-chinese-apt-groups.html https://twitter.com/cyb3rops/status/1128657020696125440 https://t.co/F19O3HxJBq https://www.elastic.co/products/beats/winlogbeat 
https://twitter.com/cyb3rops/status/1128639306845888512 https://t.co/ueagANOlVp https://t.co/rlMayDvgGF https://threatpost.com/microsoft-patches-zero-day/144742/ https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708 https://twitter.com/cyb3rops/status/1128363152578699264 https://twitter.com/cyb3rops/status/1128362777058394115 https://twitter.com/cyb3rops/status/1128335974583418880 https://twitter.com/cyb3rops/status/1128328793616277510 https://twitter.com/cyb3rops/status/1128286135107584001 https://twitter.com/cyb3rops/status/1128285658496360448 https://twitter.com/cyb3rops/status/1128013087309803521 https://t.co/L5tkAzxIOk https://securelist.com/scarcruft-continues-to-evolve-introduces-bluetooth-harvester/90729/ https://twitter.com/cyb3rops/status/1127985342265610241 https://twitter.com/cyb3rops/status/1127975502646587392 https://twitter.com/cyb3rops/status/1127974440065753089 https://twitter.com/cyb3rops/status/1127971982769885184 https://t.co/bcjJl88s6h https://gist.github.com/Neo23x0/f1bb645a4f715cb499150c5a14d82b44 https://twitter.com/cyb3rops/status/1127840813634019328 https://twitter.com/cyb3rops/status/1127336246953615361 https://twitter.com/cyb3rops/status/1127334946362863617 https://t.co/L1C6Epp1zK https://www.slideshare.net/FlorianRoth2/security-analyst-workshop-20190314 https://twitter.com/cyb3rops/status/1127332479940157440 https://twitter.com/cyb3rops/status/1127254252223696896 https://t.co/EW7EZf7WKW https://github.com/awslabs/git-secrets https://twitter.com/cyb3rops/status/1127150310944800770 https://t.co/Boa9DwdkWS https://t.co/tMimjFCcKI https://t.co/iP4rtF12Up https://github.com/Neo23x0/sigma/ https://github.com/Neo23x0/sigma/tree/master/rules https://www.sans.org/webcasts/mitre-att-ck-sigma-alerting-110010 https://twitter.com/cyb3rops/status/1123115072241446912 https://twitter.com/cyb3rops/status/1122946102209187845 https://t.co/JadsE6En8O https://t.co/hu85y055VF 
https://magic-wormhole.readthedocs.io/en/latest/welcome.html http://www.lothar.com/~warner/MagicWormhole-PyCon2016.pdf https://twitter.com/cyb3rops/status/1122866158091276296 https://t.co/FNAR0CohjR https://twitter.com/thor_scanner/status/1122857601300090880 https://twitter.com/cyb3rops/status/1122798968503787520 https://t.co/Ulr7uXZuUb https://securelist.com/muddywaters-arsenal/90659/ https://twitter.com/cyb3rops/status/1122756841774120965 https://twitter.com/cyb3rops/status/1122487210991865856 https://t.co/Sg3wPEUQrA https://github.com/Neo23x0/munin/blob/master/munin.py#L1314 https://twitter.com/cyb3rops/status/1122471629701943296 https://twitter.com/cyb3rops/status/1122469255121973248 https://twitter.com/cyb3rops/status/1122440429289517057 https://twitter.com/cyb3rops/status/1122440339435008000 https://twitter.com/cyb3rops/status/1122214519290376192 https://t.co/yg7gm30FNG https://github.com/warner/magic-wormhole https://twitter.com/cyb3rops/status/1122167094722945024 https://twitter.com/cyb3rops/status/1122166872718311425 https://twitter.com/cyb3rops/status/1122140371625099270 https://twitter.com/cyb3rops/status/1122119893342724096 https://twitter.com/cyb3rops/status/1122072576333946880 https://twitter.com/cyb3rops/status/1122072038649335808 https://twitter.com/cyb3rops/status/1122071769278500866 https://t.co/i41LalhvY0 https://t.co/Pb3QRGKQwO http://munin.py http://munin-host.py https://twitter.com/cyb3rops/status/1122069799830474752 https://twitter.com/cyb3rops/status/1121892372781182976 https://t.co/hV1gO3j7EC https://t.co/SEnaHki7iB https://www.virustotal.com/gui/file/03271bcd75f3dd98b221c8a8a386fa3ead58c9c43db9957478815dda380cf11d/details https://www.virustotal.com/gui/file/45fe1a0e87ce466e30f3fa9a0822d25eb2dfa7fa9c3b8dbfa1c28a7da904ada1/details https://twitter.com/cyb3rops/status/1121851804998864897 https://twitter.com/cyb3rops/status/1121693018610896898 https://t.co/C07i3sgVSv https://t.co/7c2nlFeVhV 
https://blog.trendmicro.com/trendlabs-security-intelligence/uncovering-cve-2019-0232-a-remote-code-execution-vulnerability-in-apache-tomcat/ https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_webshell_detection.yml https://twitter.com/cyb3rops/status/1121672404353208321 https://twitter.com/cyb3rops/status/1121657578990125056 https://twitter.com/cyb3rops/status/1121489659874488320 https://t.co/9lo5PGlwn0 https://www.nextron-systems.com/notes-on-virustotal-matches/ https://twitter.com/cyb3rops/status/1121342916994244608 https://twitter.com/cyb3rops/status/1121333824372318208 https://t.co/FjmG43yVDm https://github.com/Neo23x0/munin https://twitter.com/cyb3rops/status/1121131673649860609 https://t.co/8gaaPPZ5ya https://cyberdefenses.com/yara-entropy-bit-math/ https://twitter.com/cyb3rops/status/1121124162184056832 https://t.co/JxpHyyNBPh https://yara.readthedocs.io/en/v3.8.1/modules/pe.html https://twitter.com/cyb3rops/status/1121122092005711872 https://t.co/cWIiEM23or https://www.virustotal.com/gui/search/sfx%2520cmd/comments https://twitter.com/cyb3rops/status/1121121522251436032 https://t.co/RsF27LHbU4 https://github.com/Neo23x0/signature-base/blob/master/yara/gen_suspicious_strings.yar#L294 https://twitter.com/cyb3rops/status/1121030350984097792 https://t.co/RANjYZawMF https://t.co/AuKrPW7spf https://github.com/Neo23x0/signature-base/blob/master/yara/apt_dnspionage.yar#L22 https://valhalla.nextron-systems.com/ https://twitter.com/cyb3rops/status/1120969660734824448 https://t.co/JccbTpDZ7B https://blog.talosintelligence.com/2019/04/dnspionage-brings-out-karkoff.html https://twitter.com/cyb3rops/status/1120808473644683266 https://t.co/xIhDxJSX6O https://termshark.io/ https://twitter.com/cyb3rops/status/1120785611814731777 https://twitter.com/cyb3rops/status/1120582506863108096 https://twitter.com/cyb3rops/status/1120407486840832000 https://twitter.com/cyb3rops/status/1120407100742623238 
https://twitter.com/cyb3rops/status/1120401053671931905 https://twitter.com/cyb3rops/status/1120376060863033346 https://twitter.com/cyb3rops/status/1120374902274633729 https://twitter.com/cyb3rops/status/1119867706646441984 https://t.co/4qZ5nQiGGq https://www.virustotal.com/gui/file/deb6c59e11b1b9064580db35bdbd065ff6030b0a2ea68d0e4177385300d10144/detection https://twitter.com/cyb3rops/status/1119851757608292352 https://twitter.com/cyb3rops/status/1119645751884308480 https://twitter.com/cyb3rops/status/1119644735235293186 https://twitter.com/cyb3rops/status/1119638691079753728 https://twitter.com/cyb3rops/status/1119582983810424834 https://twitter.com/cyb3rops/status/1119521251507212288 https://twitter.com/cyb3rops/status/1119506999266488321 https://t.co/FNr41arefu https://t.co/FRPLVzzJWG https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_susp_powershell_enc_cmd.yml https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_susp_powershell_empire_lanuch.yml https://twitter.com/cyb3rops/status/1119182076446687232 https://t.co/jzR8qGWelT https://my.socprime.com/en/tdm-developers https://twitter.com/cyb3rops/status/1118824087940366336 https://t.co/CwqX0iW5WK https://github.com/VirusTotal/vt-cli https://twitter.com/cyb3rops/status/1118552000873078786 https://twitter.com/cyb3rops/status/1118546963878895616 https://t.co/AuKrPW7spf https://valhalla.nextron-systems.com/ https://twitter.com/cyb3rops/status/1118543902213013504 https://t.co/smawXhB5Qm https://blog.talosintelligence.com/2019/04/seaturtle.html https://twitter.com/cyb3rops/status/1118520854974009344 https://t.co/8q9Ps3zi5e https://hub.docker.com/r/eranon/yargen https://twitter.com/cyb3rops/status/1118515389829394432 https://twitter.com/cyb3rops/status/1118482595279405056 https://t.co/XSkHxvLvjQ https://github.com/Neo23x0/signature-base/blob/master/yara/apt_oilrig.yar#L247 https://twitter.com/cyb3rops/status/1118470120563728384 
https://twitter.com/cyb3rops/status/1118418715467550725 https://t.co/GTgVmbjdRo https://www.clearskysec.com/muddywater-targets-kurdish-groups-turkish-orgs/ https://twitter.com/cyb3rops/status/1118102483795087361 https://twitter.com/cyb3rops/status/1118071900066988034 https://twitter.com/cyb3rops/status/1118038433212055553 https://t.co/3F3OBRfdfb https://twitter.com/strandjs/status/1117818258978222080 https://twitter.com/cyb3rops/status/1117860405127319552 https://t.co/HytD2IQmUG https://motherboard.vice.com/en_us/article/ywyz3x/hackers-could-read-your-hotmail-msn-outlook-microsoft-customer-support https://twitter.com/cyb3rops/status/1117684466770698242 https://t.co/TEe7jTtMtk https://t.co/aUVAl24UvI https://t.co/zWJYIrIxfT https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_wmi_event_subscription.yml https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_wmi_susp_scripting.yml https://in.security/an-intro-into-abusing-and-identifying-wmi-event-subscriptions-for-persistence/ https://twitter.com/cyb3rops/status/1117472262632943618 https://t.co/VtdcqWnRQk https://twitter.com/cyb3rops/status/646726648386072576 https://twitter.com/cyb3rops/status/1117466640612982784 https://t.co/vpudODHGeF https://twitter.com/cyb3rops/status/1117455455947771904 https://twitter.com/cyb3rops/status/1117461695465754624 https://t.co/ojWjQDnstK https://github.com/Neo23x0/signature-base/blob/master/yara/apt_hidden_cobra.yar#L120 https://twitter.com/cyb3rops/status/1117456853938651136 https://t.co/nzMtshCXmF https://t.co/mWH4MgYQGm https://www.virustotal.com/gui/search/koadic/comments https://twitter.com/InQuest/status/1116772541312401408 https://twitter.com/cyb3rops/status/1117455455947771904 https://twitter.com/cyb3rops/status/1117102051434090496 https://twitter.com/cyb3rops/status/1117100707503591426 https://t.co/FjmG43yVDm https://github.com/Neo23x0/munin https://twitter.com/cyb3rops/status/1117077060978204673 https://t.co/WFZv6XkkNo 
https://dcso.github.io/MISP-dockerized-docs/intro/index.html https://twitter.com/cyb3rops/status/1117071755997261826 https://t.co/V5aVbhbzXh https://t.co/lKrEOmTGYv https://www.us-cert.gov/ncas/analysis-reports/AR19-100A https://otx.alienvault.com/indicator/file/96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7 https://twitter.com/cyb3rops/status/1116952847298498560 https://twitter.com/cyb3rops/status/1116586771926487041 https://twitter.com/cyb3rops/status/1116577376501022720 https://twitter.com/cyb3rops/status/1116380026507804674 https://t.co/7WtKeZRfdR https://t.co/1IsV2FTZ0X https://t.co/HFevIGuswK https://github.com/Neo23x0/sigma/pull/311 https://github.com/Neo23x0/sigma/tree/master/other https://github.com/krakow2600/atomic-threat-coverage https://twitter.com/cyb3rops/status/1116359308457984000 https://twitter.com/cyb3rops/status/1116352625983795202 https://twitter.com/cyb3rops/status/1116352283422482432 https://t.co/FNr41arefu https://t.co/rTsoL2gozb https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_susp_powershell_enc_cmd.yml https://twitter.com/cyb3rops/status/1071127750596067329 https://twitter.com/cyb3rops/status/1116348177068720128 https://twitter.com/cyb3rops/status/1116333637836865538 https://t.co/FjmG43yVDm https://github.com/Neo23x0/munin https://twitter.com/cyb3rops/status/1116325965200797700 https://twitter.com/cyb3rops/status/1116325194367475713 https://twitter.com/cyb3rops/status/1116300791311212551 https://twitter.com/cyb3rops/status/1116300300091043840 https://t.co/DQwmuSgQ1x https://any.run/report/a4b1ddf4fce066070e4c8c0c7dd8943e76b24f2a59d06f0120ad7649e320ad3e/ https://twitter.com/cyb3rops/status/1116298806566555648 https://t.co/J2sDYa8LAL https://t.co/FjmG43yVDm https://twitter.com/cyb3rops/status/1115554140854325248 https://github.com/Neo23x0/munin https://twitter.com/cyb3rops/status/1116281889621454848 https://t.co/wm17VNadtJ https://t.co/DQwmuSgQ1x 
https://any.run/report/a4b1ddf4fce066070e4c8c0c7dd8943e76b24f2a59d06f0120ad7649e320ad3e/35d219ed-4d01-4eb8-884d-2328ca18fc98 https://any.run/report/a4b1ddf4fce066070e4c8c0c7dd8943e76b24f2a59d06f0120ad7649e320ad3e/ https://twitter.com/cyb3rops/status/1115554140854325248 https://t.co/FjmG43yVDm https://github.com/Neo23x0/munin https://twitter.com/cyb3rops/status/1115551968951402497 https://t.co/M5gIBrxrps https://t.co/hjj3t9PJJN http://api.urlhaus.abuse.ch http://urlhaus-api.abuse.ch https://twitter.com/cyb3rops/status/1115547123800522752 https://twitter.com/cyb3rops/status/1115507706549473280 https://t.co/aed982XjV5 https://t.co/3KJGskb3V9 https://tabula.technology/ https://github.com/Neo23x0/signature-base/commit/989a5fb54dbc7ed21d0430ce6c0dc7b3de7c6829 https://twitter.com/cyb3rops/status/1115498233369976832 https://t.co/FjmG43yVDm https://github.com/Neo23x0/munin https://twitter.com/cyb3rops/status/1115494103201001472 https://twitter.com/cyb3rops/status/1115493801945108480 https://twitter.com/cyb3rops/status/1115355378630504449 https://t.co/4OoUqJA4Es https://zeltser.com/malware-sample-sources/ https://twitter.com/cyb3rops/status/1115320190798127105 https://twitter.com/cyb3rops/status/1114988110578888705 https://twitter.com/cyb3rops/status/1114835267947520000 https://t.co/M3M1XV0F8o https://twitter.com/Alra3ees/status/1114741207073206274 https://twitter.com/cyb3rops/status/1114579914148044800 https://t.co/iWq0AVK6sh https://t.co/SOEe6iTSQW https://github.com/Neo23x0/signature-base/blob/master/yara/gen_suspicious_strings.yar#L250 https://docs.google.com/spreadsheets/d/1_fV6EsM9L1DMWlrkn3YY99V2L6MEmuSXB6diijHgoA4/ https://twitter.com/cyb3rops/status/1114250078594768896 https://t.co/0Lu2RYmkxM https://github.com/NextronSystems/valhallaAPI#scores https://twitter.com/cyb3rops/status/1114153089303367688 https://t.co/IOOAC2w7Me https://twitter.com/cyb3rops/status/1114060079626706945 https://twitter.com/cyb3rops/status/1114147671290384384 
https://twitter.com/cyb3rops/status/1114102058012090369 https://twitter.com/cyb3rops/status/1114060079626706945 https://t.co/Qqg0sfmJEO https://github.com/Neo23x0/signature-base https://twitter.com/cyb3rops/status/1114055060089188352 https://t.co/D7eQ4dBuZO https://twitter.com/thor_scanner/status/1114047461692252161 https://twitter.com/cyb3rops/status/1114042136683524096 https://twitter.com/cyb3rops/status/1113805577518448640 https://twitter.com/cyb3rops/status/1113701542585040896 https://twitter.com/cyb3rops/status/1113699677235490816 https://twitter.com/cyb3rops/status/1113688312202637314 https://t.co/VMcNNluFJp https://github.com/TKCERT/winnti-nmap-script https://twitter.com/cyb3rops/status/1113680848254009345 https://twitter.com/cyb3rops/status/1113142869676584961 https://twitter.com/cyb3rops/status/1113119821976219648 https://t.co/6XQtzlW4ZG https://www.youtube.com/watch?v=NFJqD-LcpIg https://twitter.com/cyb3rops/status/1113110962507321346 https://twitter.com/cyb3rops/status/1113097403765321728 https://t.co/ksg84wbKRN https://t.co/AVLm1y6fTU https://alamot.github.io/reverse_shells/ https://github.com/Neo23x0/sigma/blob/master/rules/linux/lnx_shell_susp_rev_shells.yml https://twitter.com/cyb3rops/status/1112760057425551360 https://t.co/EdQav1CCNb https://pastebin.com/dDjzBum9 https://twitter.com/cyb3rops/status/1112630477377150976 https://twitter.com/cyb3rops/status/1112362897563369473 https://t.co/HALWhgbA8G https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_multiple_suspicious_cli.yml https://twitter.com/cyb3rops/status/1112049757504106496 https://twitter.com/cyb3rops/status/1112000054074716161 https://t.co/kyFj0uUfgg https://gist.github.com/Neo23x0/577926e34183b4cedd76aa33f6e4dfa3 https://twitter.com/cyb3rops/status/1111712640152293376 https://twitter.com/cyb3rops/status/1111712569209831424 https://twitter.com/cyb3rops/status/1111591822323789824 https://twitter.com/cyb3rops/status/1111535966357991424 
https://twitter.com/cyb3rops/status/1111526707528417280 https://t.co/1aOoDDbpYu https://twitter.com/ippsec/status/1111407098565296128 https://twitter.com/cyb3rops/status/1111362098968358914 https://twitter.com/cyb3rops/status/1111029628527931392 https://twitter.com/cyb3rops/status/1110959295405920256 https://t.co/xSvpMTUyy1 https://www.symantec.com/blogs/threat-intelligence/elfin-apt33-espionage https://twitter.com/cyb3rops/status/1110897779411435522 https://t.co/J0dbGhcMRr https://www.fireeye.com/blog/threat-research/2019/03/winrar-zero-day-abused-in-multiple-campaigns.html https://twitter.com/cyb3rops/status/1110455149342982144 https://t.co/mP37qInJrF https://github.com/Neo23x0/sigma/issues/289 https://twitter.com/cyb3rops/status/1110441889361219585 https://twitter.com/cyb3rops/status/1110243594181505025 https://twitter.com/cyb3rops/status/1110241619884892167 https://twitter.com/cyb3rops/status/1110234716429606913 https://t.co/CQpE9ORZ43 https://github.com/Neo23x0/signature-base/blob/master/yara/apt_op_shadowhammer.yar https://twitter.com/cyb3rops/status/1110174973505818625 https://t.co/2voRyS2ZxL https://t.co/RqeommRn0E https://motherboard.vice.com/en_us/article/pan9wn/hackers-hijacked-asus-software-updates-to-install-backdoors-on-thousands-of-computers https://securelist.com/operation-shadowhammer/89992/ https://twitter.com/cyb3rops/status/1109846995672485888 https://twitter.com/cyb3rops/status/1109433400597848064 https://t.co/ckPIa69nQW https://youtu.be/l9sztL9FQto https://twitter.com/cyb3rops/status/1109176059713466370 https://twitter.com/cyb3rops/status/1109160948261158912 https://twitter.com/cyb3rops/status/1109150290064957440 https://twitter.com/cyb3rops/status/1109144212728172545 https://twitter.com/cyb3rops/status/1109143418981285888 https://t.co/f7mTZ5Z3KC https://gist.github.com/Neo23x0/d71dca74fa62522f2235ff95106943f2 https://twitter.com/cyb3rops/status/1109138729023823872 https://twitter.com/cyb3rops/status/1109075939617619968 
https://twitter.com/cyb3rops/status/1109045011654545409 https://twitter.com/cyb3rops/status/1109033140184600577 https://t.co/wXK23xgA6i https://t.co/rpXfcQJDSc https://abuse.io/lockergoga.txt https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_mal_lockergoga.yml https://twitter.com/cyb3rops/status/1109001146138542080 https://t.co/Hq3zLWjh1o https://blog.dcso.de/enterprise-malware-as-a-service/ https://twitter.com/cyb3rops/status/1109000871747174400 https://t.co/FIUj3VHgMe https://www.flashpoint-intel.com/blog/fin7-revisited-inside-astra-panel-and-sqlrat-malware/ https://twitter.com/cyb3rops/status/1108998554348081152 https://t.co/MfG6cmPAYF https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html https://twitter.com/cyb3rops/status/1108995871935475712 https://t.co/6E0Jk57zyz https://emma.best/2019/03/20/the-russian-contractor-who-infiltrated-anonymous/ https://twitter.com/cyb3rops/status/1108767445253345281 https://twitter.com/cyb3rops/status/1108704037745106947 https://twitter.com/cyb3rops/status/1108058970156122114 https://twitter.com/cyb3rops/status/1108034444621946887 https://twitter.com/cyb3rops/status/1108030017836060672 https://twitter.com/cyb3rops/status/1108023229602500608 https://twitter.com/cyb3rops/status/1108022408894517253 https://t.co/jDKgXNN1ih https://unit42.paloaltonetworks.com/cardinal-rat-sins-again-targets-israeli-fin-tech-firms/ https://twitter.com/cyb3rops/status/1108020519989850112 https://t.co/4fpTnIjyf6 https://start.me/p/rxRbpo/ti https://twitter.com/cyb3rops/status/1108017748100018176 https://t.co/lX1eZ9KzdO https://t.co/T1eKl6eKM4 https://t.co/IPd1KcVWLW https://www.bleepingcomputer.com/news/security/lockergoga-ransomware-sends-norsk-hydro-into-manual-mode/ https://www.nrk.no/norge/skreddersydd-dobbeltangrep-mot-hydro-1.14480202 https://github.com/Neo23x0/signature-base/blob/master/yara/crime_ransom_lockergoga.yar https://twitter.com/cyb3rops/status/1107015688642809856 
https://t.co/bTl7VzWAZn https://blog.dcso.de/pegasus-buhtrap-analysis-of-the-malware-stage-based-on-the-leaked-source-code/ https://twitter.com/cyb3rops/status/1106943197178155009 https://t.co/ERDx2AIb5o https://beta.virusbay.io/sample/browse/a849760135ad2808eb4491d64e963966 https://twitter.com/cyb3rops/status/1106876586727481344 https://twitter.com/cyb3rops/status/1106822984323514373 https://t.co/CUYDgEwFAz https://github.com/Neo23x0/sigma/pull/257 https://twitter.com/cyb3rops/status/1106622344058097664 https://twitter.com/cyb3rops/status/1106481902771470336 https://twitter.com/cyb3rops/status/1106435650772000768 https://twitter.com/cyb3rops/status/1106194100485844992 https://twitter.com/cyb3rops/status/1105882527204560896 https://t.co/vrK1Wo87cb https://resecurity.com/blog/supply-chain-the-major-target-of-cyberespionage-groups/ https://twitter.com/cyb3rops/status/1105513963666587649 https://twitter.com/cyb3rops/status/1105477113904353282 https://twitter.com/cyb3rops/status/1105432281110450176 https://twitter.com/cyb3rops/status/1105409282059710464 https://twitter.com/cyb3rops/status/1105391005082112001 https://twitter.com/cyb3rops/status/1105237520877531138 https://twitter.com/cyb3rops/status/1105206271572168707 https://t.co/YyZFuNiypu https://www.tricider.com/admin/3ZB7jHbIl5B/5kA5T5R2QdL https://twitter.com/cyb3rops/status/1105203111889641472 https://twitter.com/cyb3rops/status/1105202298748309506 https://t.co/YyZFuNiypu https://www.tricider.com/admin/3ZB7jHbIl5B/5kA5T5R2QdL https://twitter.com/cyb3rops/status/1105201960284835841 https://twitter.com/cyb3rops/status/1105193053445390342 https://twitter.com/cyb3rops/status/1105116829633138689 https://twitter.com/cyb3rops/status/1105050994977722369 https://t.co/YlaT8Sb5fC https://twitter.com/tlansec/status/1105041016225071105 https://twitter.com/cyb3rops/status/1104785161416335360 https://t.co/At2O9iLzuP https://posts.specterops.io/putting-sysmon-v9-0-and-or-grouping-logic-to-the-test-c3ec27263df8 
https://twitter.com/cyb3rops/status/1104659064087371776 https://twitter.com/cyb3rops/status/1104501384756555778 https://twitter.com/cyb3rops/status/1104484087589470208 https://twitter.com/cyb3rops/status/1104343688858292225 https://twitter.com/cyb3rops/status/1104291822967443456 https://twitter.com/cyb3rops/status/1104286779635613697 https://twitter.com/cyb3rops/status/1104285090060922880 https://t.co/HCkoRqWkHe https://github.com/Neo23x0/signature-base/blob/master/yara/apt_aus_parl_compromise.yar https://twitter.com/cyb3rops/status/1104274932622602240 https://t.co/G70ycpOyyD https://www.nbcnews.com/politics/national-security/iranian-backed-hackers-stole-data-major-u-s-government-contractor-n980986 https://twitter.com/cyb3rops/status/1104041380240859136 https://t.co/lFV8hvhncZ https://t.co/yPkFoXO4R9 https://github.com/Neo23x0/sigma/blob/master/rules/proxy/proxy_ua_bitsadmin_susp_tld.yml https://github.com/Neo23x0/sigma/tree/master/rules/proxy https://twitter.com/cyb3rops/status/1104035979617284097 https://twitter.com/cyb3rops/status/1104002229126737922 https://t.co/s9Xj53XXr4 http://linkpc.net https://twitter.com/cyb3rops/status/1103902287733252096 https://twitter.com/cyb3rops/status/1103725333180747779 https://t.co/k3HWRzx4lw https://blog.trendmicro.com/trendlabs-security-intelligence/new-slub-backdoor-uses-github-communicates-via-slack/ https://twitter.com/cyb3rops/status/1103648595159515136 https://twitter.com/cyb3rops/status/1103630991674040320 https://twitter.com/cyb3rops/status/1103611306412818432 https://t.co/mPcXq4KkmB https://gist.github.com/Neo23x0/fe5cae74c9128c600620ed0f18357929 https://twitter.com/cyb3rops/status/1103597897432662016 https://t.co/XE9YQyvG7a https://github.com/VirusTotal/yara/releases?after=v3.3.0 https://twitter.com/cyb3rops/status/1103588191762829312 https://t.co/LxsVcyMrwL https://github.com/Neo23x0/sigma/pull/276 https://twitter.com/cyb3rops/status/1103565669193400320 https://twitter.com/cyb3rops/status/1103295312150622211 
https://t.co/0Y7BMrqoO3 https://goo.gl/4bdctB https://twitter.com/cyb3rops/status/1103293872979902464 https://t.co/ibDeASKZz0 https://t.co/i4oea67l5W https://gchq.github.io/CyberChef/#recipe=Microsoft_Script_Decoder https://twitter.com/DissectMalware/status/1097056821163057152 https://twitter.com/cyb3rops/status/1102916676771823617 https://t.co/dKVUXOyssc https://unit42.paloaltonetworks.com/new-python-based-payload-mechaflounder-used-by-chafer/ https://twitter.com/cyb3rops/status/1102844985131569153 https://t.co/dKVUXOyssc https://unit42.paloaltonetworks.com/new-python-based-payload-mechaflounder-used-by-chafer/ https://twitter.com/cyb3rops/status/1102302347907223553 https://twitter.com/cyb3rops/status/1102296112394833920 https://twitter.com/cyb3rops/status/1102244246764089349 https://twitter.com/cyb3rops/status/1102144203746877441 https://twitter.com/cyb3rops/status/1102140962497798145 https://twitter.com/cyb3rops/status/1101939176830836737 https://t.co/HDP5V95pCC https://en.wikipedia.org/wiki/Survivorship_bias https://twitter.com/cyb3rops/status/1101921157622759424 https://twitter.com/cyb3rops/status/1101918172444270594 https://t.co/MPnKk4JX8C https://infograph.venngage.com/view/897dc00b-c2cf-4910-a7d3-28ea94f02252 https://twitter.com/cyb3rops/status/1101917253384187905 https://t.co/bXlfxRvo02 https://t.co/8KP9lXmXgA https://t.co/VnCEYDMF0V https://github.com/Neo23x0/sigma/wiki/Taxonomy https://github.com/Neo23x0/sigma#examples-1 https://github.com/Neo23x0/sigma/releases/tag/0.8 https://twitter.com/cyb3rops/status/1101868634023096320 https://t.co/8v57Y2LIZF https://t.co/nsZkgTTxLk https://github.com/Neo23x0/signature-base/commit/78706dbe460dcc612a0d65ac942bc96e18bbf7f7 https://gist.github.com/Neo23x0/e3d4e316d7441d9143c7 https://twitter.com/cyb3rops/status/1101542043149574144 https://twitter.com/cyb3rops/status/1101518552761290761 https://twitter.com/cyb3rops/status/1101384659798241280 https://t.co/uP9RgnWXMw 
https://github.com/Neo23x0/signature-base/blob/master/yara/gen_cmd_script_obfuscated.yar https://twitter.com/cyb3rops/status/1101191939142094849 https://twitter.com/cyb3rops/status/1101138784933085191 https://t.co/OllFzVwWe6 https://github.com/Neo23x0/signature-base/blob/master/yara/crime_atm_dispenserxfs.yar https://twitter.com/cyb3rops/status/1101138043568713728 https://twitter.com/cyb3rops/status/1101093479495725057 https://t.co/Rld0nCsyIs https://github.com/fboldewin/YARA-rules/compare/master...Neo23x0:patch-1 https://twitter.com/cyb3rops/status/1101091007200940032 https://t.co/zp7deTmlki https://www.virustotal.com/en/file/867991ade335186baa19a227e3a044c8321a6cef96c23c98eef21fe6b87edf6a/analysis/ https://twitter.com/cyb3rops/status/1101090298535514115 https://twitter.com/cyb3rops/status/1101066268268994561 https://t.co/knoJUNAybT https://t.co/5NR5PGNBfG https://t.co/NH750ZDQcu https://www.virustotal.com/en/file/99b0b24dcfb29291163b66c60355b6e1454c6a3d5dfbc2cd7b86b1ca548761eb/analysis/ https://beta.virusbay.io/sample/browse/8306dee19c05bf19b6b2d6db2f4425e5 https://www.virustotal.com/en/file/784df024a3a36483ed2f899c178a4ad5ba5b70c6ef5936436da3ef78691c6c9e/analysis/1551348887/ https://twitter.com/cyb3rops/status/1101052326943604737 https://twitter.com/cyb3rops/status/1101040217274896384 https://t.co/0old7KhoNF https://twitter.com/campuscodi/status/1100876083241631744 https://twitter.com/cyb3rops/status/1101039264966549505 https://t.co/WwxSQ2fgq0 https://twitter.com/Hexacorn/status/1091848334963367936 https://twitter.com/cyb3rops/status/1101033336842145792 https://t.co/vJQoWyhUhB https://t.co/MSFYPLEFUT http://xssed.com http://www.xssed.com/archive/author=Venom23/ https://twitter.com/cyb3rops/status/1100766494265409537 https://t.co/dPI6545Nqy https://www.secureworks.com/research/a-peek-into-bronze-unions-toolbox https://twitter.com/cyb3rops/status/1100735218925867008 https://t.co/e5tlsLKwur https://t.co/cbLa9JwV9j 
https://patzke.org/a-guide-to-generic-log-sources-in-sigma.html https://github.com/Neo23x0/sigma/tree/project-1/rules/windows/process_creation https://twitter.com/cyb3rops/status/1100723672418082818 https://t.co/yPkFoXO4R9 https://github.com/Neo23x0/sigma/tree/master/rules/proxy https://twitter.com/cyb3rops/status/1100718792437571584 https://twitter.com/cyb3rops/status/1100692549143023616 https://twitter.com/cyb3rops/status/1100691594313977856 https://t.co/8pi8G3jIir https://dcso.de/de/talente/ https://twitter.com/cyb3rops/status/1100686671933329408 https://twitter.com/cyb3rops/status/1100683668346077185 https://twitter.com/cyb3rops/status/1100682993881047041 https://t.co/F6uY9VKFfr https://twitter.com/cyb3rops/status/1094951839399899137 https://twitter.com/cyb3rops/status/1100681597169397760 https://twitter.com/cyb3rops/status/1100678721751650305 https://twitter.com/cyb3rops/status/1100673159844556801 https://t.co/wdtBqWSu4V https://t.co/yPkFoXO4R9 https://pastebin.com/ekjCavTq https://github.com/Neo23x0/sigma/tree/master/rules/proxy https://twitter.com/cyb3rops/status/1100668485770846210 https://t.co/2erfgaZahn https://t.co/ReiEOgVPzj https://pastebin.com/AUPRqRe9 https://github.com/EmpireProject/Empire/search?p=1&q=Mozilla&unscoped_q=Mozilla https://twitter.com/cyb3rops/status/1100064660517281792 https://t.co/e5tlsLKwur https://patzke.org/a-guide-to-generic-log-sources-in-sigma.html https://twitter.com/cyb3rops/status/1099948805385056256 https://twitter.com/cyb3rops/status/1099691453691973634 https://twitter.com/cyb3rops/status/1099675443882586115 https://twitter.com/cyb3rops/status/1099658292731744256 https://t.co/x11gaAAiG1 https://t.co/Q16pZzPS2J https://github.com/Neo23x0/sigma/blob/master/rules/apt/apt_babyshark.yml https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_susp_certutil_encode.yml https://twitter.com/cyb3rops/status/1099650917664727040 https://twitter.com/cyb3rops/status/1099646334666227712 https://t.co/1Z4nQDJVXk 
https://t.co/WZK39LYWgm https://t.co/XXgkFInfkc https://github.com/Neo23x0/signature-base/blob/master/yara/apt_babyshark.yar https://unit42.paloaltonetworks.com/new-babyshark-malware-targets-u-s-national-security-think-tanks/ https://docs.google.com/spreadsheets/d/1nmwcOYgRmfAZfrfm23W935tB7YXm5qjXA-WKYa7H_KE/edit?usp=sharing https://twitter.com/cyb3rops/status/1099062328258150401 https://t.co/nsZkgTTxLk https://gist.github.com/Neo23x0/e3d4e316d7441d9143c7 https://twitter.com/cyb3rops/status/1099054343578357763 https://t.co/muve0GCFOd https://t.co/2t26KBV0to https://github.com/VirusTotal/yara/releases https://www.dropbox.com/sh/umip8ndplytwzj1/AADdLRsrpJL1CM1vPVAxc5JZa?dl=0&lst= https://twitter.com/cyb3rops/status/1099016196274483200 https://t.co/PiJfDvREvR https://uncoder.io/ https://twitter.com/cyb3rops/status/1098828288821211136 https://twitter.com/cyb3rops/status/1098557657894531072 https://t.co/zwYR42HLkq https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_susp_exec_folder.yml https://twitter.com/cyb3rops/status/1098550694318084096 https://twitter.com/cyb3rops/status/1098506558080778240 https://t.co/eqfLs8EP45 https://github.com/Neo23x0/sigma/blob/master/rules/apt/apt_bear_activity_gtr19.yml https://twitter.com/cyb3rops/status/1098498828427296768 https://t.co/U6apqBelNG https://t.co/EEXMFdEmwJ https://www.crowdstrike.com/resources/reports/2019-crowdstrike-global-threat-report/ https://github.com/Neo23x0/sigma/blob/master/rules/apt/apt_judgement_panda_gtr19.yml https://twitter.com/cyb3rops/status/1098129033903202304 https://t.co/24ImHiPRET https://t.co/8aItEOHKCd https://github.com/Neo23x0/signature-base/blob/master/yara/thor-webshells.yar#L8920 https://www.nextron-systems.com/spark-core/ https://twitter.com/cyb3rops/status/1097990038716059648 https://twitter.com/cyb3rops/status/1097957700565192715 https://twitter.com/cyb3rops/status/1097789146612068352 https://t.co/3dtur7UGsc https://www.nextron-systems.com/ 
https://twitter.com/cyb3rops/status/1097783686756552704 https://t.co/EeaO95fFxj https://t.co/Qqg0sfmJEO https://github.com/Neo23x0/sigma https://github.com/Neo23x0/signature-base https://twitter.com/cyb3rops/status/1097770021424717824 https://twitter.com/cyb3rops/status/1097768146176536576 https://t.co/Bc4PzL2aJM https://amp.smh.com.au/politics/federal/china-key-suspect-in-pre-election-hack-against-major-parties-20190218-p50ymg.html https://twitter.com/cyb3rops/status/1097534232665223169 https://t.co/nIsYYNlTbl https://pilotpriest.bandcamp.com/album/original-motion-picture-soundtrack https://twitter.com/cyb3rops/status/1097516446664531968 https://twitter.com/cyb3rops/status/1097441430107291648 https://twitter.com/cyb3rops/status/1097436838585946112 https://t.co/MuD3JuIeZW https://github.com/Neo23x0/signature-base/commit/63999ebad98ed6f1aff480d475a114d024104a15 https://twitter.com/cyb3rops/status/1097433062743392261 https://twitter.com/cyb3rops/status/1097423665472376832 https://t.co/jng4lqhq0z https://t.co/qWEkJAmW0w https://www.virustotal.com/en/user/cybergovau/ https://docs.google.com/spreadsheets/d/1XoanpsUmvPPJCM-rt11cOeBzsgVF8OvL_JF_Hhexf5I/edit?usp=sharing https://twitter.com/cyb3rops/status/1097413230778032129 https://t.co/K63ab9eyUS https://cyber.gov.au/government/news/parliament-house-network-compromise/ https://twitter.com/cyb3rops/status/1097137708328251392 https://twitter.com/cyb3rops/status/1096889091407441922 https://twitter.com/cyb3rops/status/1096842275437625346 https://t.co/kUX7COD34T https://t.co/YbzvXXT0zE https://t.co/katGPh6cFm https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_rdp_reverse_tunnel.yml https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_rdp_reverse_tunnel.yml https://twitter.com/SBousseaden/status/1096148422984384514 https://twitter.com/cyb3rops/status/1096690866809458688 https://t.co/iP4rtF12Up https://www.sans.org/webcasts/mitre-att-ck-sigma-alerting-110010 
https://twitter.com/cyb3rops/status/1096675987222380544 https://t.co/1L0NEQrlPS https://t.co/EqcVk8HisT https://github.com/Neo23x0/signature-base/blob/master/yara/gen_cert_payloads.yar https://twitter.com/JohnLaTwC/status/1096550619794395136 https://twitter.com/cyb3rops/status/1096379204785111040 https://twitter.com/cyb3rops/status/1096329805585354752 https://twitter.com/cyb3rops/status/1096313017376096259 https://twitter.com/cyb3rops/status/1096302738877620224 https://twitter.com/cyb3rops/status/1096293120352886784 https://t.co/1O1Bz4Lha8 https://twitter.com/atc_project/status/1095801906553896961 https://twitter.com/cyb3rops/status/1095770687107723265 https://twitter.com/cyb3rops/status/1095709454761320449 https://t.co/Me6GHT5RWD https://twitter.com/cyb3rops/status/763337020429271040?s=21 https://twitter.com/cyb3rops/status/1095709120433438721 https://twitter.com/cyb3rops/status/1095708482806972416 https://twitter.com/cyb3rops/status/1095706759845556226 https://t.co/iP4rtF12Up https://www.sans.org/webcasts/mitre-att-ck-sigma-alerting-110010 https://twitter.com/cyb3rops/status/1095671584633880576 https://t.co/N5E7xjJowS https://t.co/GI9RrwKsij https://godbolt.org/ https://go.godbolt.org/ https://twitter.com/cyb3rops/status/1095588260708040704 https://t.co/Qeyd08SEmg https://t.co/8aItEOHKCd https://t.co/VVqnGnteb3 https://t.co/OopSDG2HPJ https://github.com/Neo23x0/signature-base/tree/master/yara https://www.nextron-systems.com/spark-core/ https://github.com/Neo23x0/Loki https://www.nextron-systems.com/yara-rule-feed/ https://twitter.com/cyb3rops/status/1095250631894413312 https://t.co/YyLkRhzp9g https://www.nextron-systems.com/2018/02/10/write-sigma-rules/ https://twitter.com/cyb3rops/status/1095227202000568321 https://twitter.com/cyb3rops/status/1095079624596443136 https://twitter.com/cyb3rops/status/1094952956376436739 https://twitter.com/cyb3rops/status/1094951839399899137 https://twitter.com/cyb3rops/status/1094945342989176832 
https://twitter.com/cyb3rops/status/1094943197741154304 https://t.co/WwVGw94KDR https://t.co/rPv9K6J3Gq https://twitter.com/SBousseaden/status/1094924091256176641 https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_susp_csc.yml https://twitter.com/cyb3rops/status/1094911051794206720 https://twitter.com/cyb3rops/status/1094224323630559234 https://t.co/bnKcO60AgH https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_susp_svchost.yml https://twitter.com/cyb3rops/status/1094220889967730688 https://t.co/PMQyKXe1zB https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_susp_calc.yml https://twitter.com/cyb3rops/status/1094174852628533251 https://t.co/3e8QCa9wWv https://github.com/Neo23x0/munin/#munin-hosts https://twitter.com/cyb3rops/status/1094147962614239233 https://twitter.com/cyb3rops/status/1094145047291924480 https://t.co/qbtD1x2q3L https://t.co/tnAOeP6tZK https://www.virustotal.com/en/file/9e3a0afb92c4fcee2d07ccf26176f9b1df106b6fc6a8a3327a7c9a5692473edd/analysis/ https://app.any.run/tasks/03185c2e-1e4c-463f-8464-43771031011e https://twitter.com/cyb3rops/status/1093883643477528576 https://twitter.com/cyb3rops/status/1093865083044810757 https://twitter.com/cyb3rops/status/1093796199579217920 https://twitter.com/cyb3rops/status/1093782367393771520 https://t.co/Gs6p1cb47k https://www.virustotal.com/en/user/thor/ https://twitter.com/cyb3rops/status/1093458355660689409 https://twitter.com/cyb3rops/status/1093272300324032512 https://t.co/UrRX5wTcLJ https://www.nextron-systems.com/2019/02/06/antivirus-event-analysis-cheat-sheet-v1-7/ https://twitter.com/cyb3rops/status/1093214250594648064 https://t.co/9bPnqWSaDA https://twitter.com/JohnLaTwC/status/1092828811249410048 https://twitter.com/cyb3rops/status/1093214019912118277 https://t.co/PrI1rJdLJC https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_susp_gup.yml https://twitter.com/cyb3rops/status/1093178228993347584 
https://twitter.com/cyb3rops/status/1093160802629177345 https://twitter.com/cyb3rops/status/1093154274627014658 https://twitter.com/cyb3rops/status/1093153637822590976 https://twitter.com/cyb3rops/status/1093152683467386886 https://twitter.com/cyb3rops/status/1093145982936723456 https://twitter.com/cyb3rops/status/1092800986224214016 https://t.co/c5udExlgJj https://github.com/Neo23x0/sigma/blob/master/rules/linux/lnx_shell_susp_commands.yml https://twitter.com/cyb3rops/status/1092408863230517254 https://twitter.com/cyb3rops/status/1092404707556052992 https://twitter.com/cyb3rops/status/1091613950695915520 https://twitter.com/cyb3rops/status/1091597978719141888 https://t.co/OxKueHr1t2 https://gchq.github.io/CyberChef/ https://twitter.com/cyb3rops/status/1091040690082115585 https://twitter.com/cyb3rops/status/1090994974475382786 https://twitter.com/cyb3rops/status/1090714476771491845 https://t.co/9ggsofJO0u https://www.virustotal.com/en/file/745024e2d33817ec5dcae0b509c5d63ac6551948c3c48b1e9be3d1efc4c33d09/analysis/ https://twitter.com/cyb3rops/status/1090676109329526784 https://twitter.com/cyb3rops/status/1090656010849656832 https://t.co/18aQ1bH56A https://www.reuters.com/investigates/special-report/usa-spying-raven/ https://twitter.com/cyb3rops/status/1090571163447803906 https://t.co/pqD8zMg9Zo https://securelist.com/chafer-used-remexi-malware/89538/ https://twitter.com/cyb3rops/status/1090557217273720832 https://twitter.com/cyb3rops/status/1090513437644546048 https://t.co/np4GS1xILf http://www.malcrawler.com/kuwait-oil-themed-malware-targeting-industry/ https://twitter.com/cyb3rops/status/1090510480391708673 https://twitter.com/cyb3rops/status/1090315692736417792 https://t.co/ITIbymqSpO https://redmondmag.com/articles/2015/06/22/windows-server-2003-support.aspx https://twitter.com/cyb3rops/status/1090284897829302272 https://twitter.com/cyb3rops/status/1090263380131078144 https://t.co/T1OVZSniZi 
https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_susp_ntdsutil.yml https://twitter.com/cyb3rops/status/1090261914574192641 https://t.co/1o2ECyFkDm https://docs.microsoft.com/en-us/azure/azure-monitor/log-query/get-started-queries https://twitter.com/cyb3rops/status/1090224049987436544 https://twitter.com/cyb3rops/status/1090163817760415746 https://twitter.com/cyb3rops/status/1090153559176421376 https://twitter.com/cyb3rops/status/1090152320854384640 https://t.co/bIEK4KpysH https://t.co/YZ5LXHR7Mh https://blogs.msdn.microsoft.com/aaron_margosis/2019/01/28/aaronlocker-moved-to-github/ https://channel9.msdn.com/Shows/Defrag-Tools/Defrag-Tools-198-AaronLocker https://twitter.com/cyb3rops/status/1090014150573654017 https://t.co/kHTLDvsdRf https://cula.io/ https://twitter.com/cyb3rops/status/1089991636753494016 https://t.co/QuHRUd6Dbt https://twitter.com/mikko/status/1089453106969169920 https://twitter.com/cyb3rops/status/1089865876923432960 https://twitter.com/cyb3rops/status/1089857092897460224 https://twitter.com/cyb3rops/status/1089856435717058560 https://t.co/jM78D3LDI4 https://youtu.be/l8nkXCOYQC4 https://twitter.com/cyb3rops/status/1089853794886844419 https://twitter.com/cyb3rops/status/1089568067292749825 https://t.co/cX4YTIphVE https://t.co/Jdhhqm0O4z https://amzn.to/2CMuQFF https://www.youtube.com/watch?v=NyME0Idsq9w https://twitter.com/cyb3rops/status/1089467289794170880 https://twitter.com/cyb3rops/status/1089084233761591296 https://twitter.com/cyb3rops/status/1089084148759908352 https://twitter.com/cyb3rops/status/1088862089320546305 https://twitter.com/cyb3rops/status/1088702398573543424 https://t.co/6YnVt00cjn https://www.nextron-systems.com/compare-our-scanners/ https://twitter.com/cyb3rops/status/1088700120328298496 https://twitter.com/cyb3rops/status/1088689587399073792 https://t.co/c4xIqCWGf3 https://blog.talosintelligence.com/2019/01/amp-tracks-ursnif.html https://twitter.com/cyb3rops/status/1088468579920547841 
https://twitter.com/cyb3rops/status/1088202150776356865 https://twitter.com/cyb3rops/status/1088190259882586112 https://twitter.com/cyb3rops/status/1088188613295333382 https://twitter.com/cyb3rops/status/1088155271900381184 https://twitter.com/cyb3rops/status/1088154811223150593 https://twitter.com/cyb3rops/status/1087833057791524865 https://t.co/7v53HBiL0Y https://t.co/whyZBtRFZV https://twitter.com/omespino/status/1082361280248336384 https://app.any.run/tasks/91cc4f0a-a4d3-457b-9293-d831cdd1a058 https://twitter.com/cyb3rops/status/1087751034414469120 https://twitter.com/cyb3rops/status/1087735685279297538 https://t.co/kOVk7Y6Pg8 https://t.co/l9beJwWZDm https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_susp_certutil_command.yml https://twitter.com/egre55/status/1087685529016193025 https://twitter.com/cyb3rops/status/1087618657054793730 https://t.co/0ZycvRCkrA https://t.co/nG7FsB4Smw https://github.com/Neo23x0/sigma/blob/master/rules/web/web_apache_threading_error.yml https://twitter.com/hdmoore/status/1087593706444730369 https://twitter.com/cyb3rops/status/1087035420146323457 https://t.co/muve0GCFOd https://t.co/VVqnGnteb3 https://t.co/8aItEOHKCd https://github.com/VirusTotal/yara/releases https://github.com/Neo23x0/Loki https://www.nextron-systems.com/spark-core/ https://twitter.com/cyb3rops/status/1087027985289543681 https://t.co/Vewaq2P74d https://t.co/hlRD2MU5oQ https://twitter.com/ItsReallyNick/status/975703335834738688 https://github.com/Neo23x0/signature-base/blob/master/yara/generic_anomalies.yar#L379 https://twitter.com/cyb3rops/status/1086219833786679296 https://twitter.com/cyb3rops/status/1086199302492512262 https://t.co/hffflDKq1P https://docs.google.com/spreadsheets/d/1H9_xaxQHpWaa4O_Son4Gx0YOIzlcBWMsdvePFX68EKU/pubhtml# https://twitter.com/cyb3rops/status/1085821826297745408 https://t.co/whNciymL5g 
https://docs.microsoft.com/en-us/windows-server/identity/securing-privileged-access/securing-privileged-access-reference-material#T0E_BM https://twitter.com/cyb3rops/status/1085632645046915072 https://t.co/u0EwRM9SBt https://t.co/82kxzF1Zch https://www.virustotal.com/en/file/4acbefb9f7907c52438ebb3070888ddc8cddfe9e3849c9d0196173a422b9035f/analysis/1547669353/ https://github.com/cw1997/NATBypass https://twitter.com/cyb3rops/status/1085527873610485760 https://twitter.com/cyb3rops/status/1085527220230283265 https://t.co/FWP9f7DLeb https://t.co/Rhv9rd8OJx https://t.co/kRz0aOQwpG https://t.co/8ceCpzrQvM https://t.co/F9n0rP6s2j https://t.co/0Zddscv3lX https://t.co/u5aq34GhTw https://www.nextron-systems.com/2018/09/08/antivirus-event-analysis-cheat-sheet-v1-4/ https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_av_relevant_match.yml https://github.com/Neo23x0/sigma/blob/master/rules/windows/malware/av_exploiting.yml https://github.com/Neo23x0/sigma/blob/master/rules/windows/malware/av_password_dumper.yml https://github.com/Neo23x0/sigma/blob/master/rules/windows/malware/av_relevant_files.yml https://github.com/Neo23x0/sigma/blob/master/rules/windows/malware/av_webshell.yml https://twitter.com/stvemillertime/status/1085293195741855746 https://twitter.com/cyb3rops/status/1085264626286280704 https://twitter.com/cyb3rops/status/1084157122915520512 https://t.co/90RBAEh3NT https://pastebin.com/XgDLVbtF https://twitter.com/cyb3rops/status/1084044545833209857 https://t.co/4LRYBQjjKP https://t.co/ZQsm3BCWYK https://www.botconf.eu/wp-content/uploads/2018/12/2018-Tom-Ueltschi-Sysmon.pdf https://github.com/Neo23x0/sigma/commits/master https://twitter.com/cyb3rops/status/1083407012438908929 https://twitter.com/cyb3rops/status/1083348010346733568 https://twitter.com/cyb3rops/status/1083335905262346240 https://twitter.com/cyb3rops/status/1083325728740032512 https://twitter.com/cyb3rops/status/1082748648067399682 https://t.co/ySRdOG94Xc 
https://docs.google.com/spreadsheets/d/e/2PACX-1vTheajUWzRhTK0XhSI3_RnYVtUJvl8mlX8HlThPyCJGK1g5SBecgS78O1oeTFQxDYS0oWlKTg2pNLyb/pubhtml# https://twitter.com/cyb3rops/status/1082656609279660032 https://twitter.com/cyb3rops/status/1082630870262054912 https://twitter.com/cyb3rops/status/1082252709535846400 https://t.co/fD01iKZHa3 https://github.com/Neo23x0/signature-base/blob/master/yara/generic_anomalies.yar#L335 https://twitter.com/cyb3rops/status/1082215049282969600 https://t.co/0mtqz7MyMu https://t.co/0RWn1m9KQF https://t.co/La5DYdK75k https://t.co/KEbalHunnw https://www.obdev.at/products/littlesnitch/index.html https://objective-see.com/products/lulu.html https://objective-see.com/products/blockblock.html https://objective-see.com/products/reikey.html https://twitter.com/cyb3rops/status/1082205871780913153 https://t.co/9YPWAsl1Jt https://github.com/d00rt/emotet_research https://twitter.com/cyb3rops/status/1081903798065524736 https://twitter.com/cyb3rops/status/1081903087017701376 https://twitter.com/cyb3rops/status/1081902451270262786 https://twitter.com/cyb3rops/status/1081901397791178752 https://twitter.com/cyb3rops/status/1081845039775535104 https://twitter.com/cyb3rops/status/1081835732644302848 https://twitter.com/cyb3rops/status/1081834664342503424 https://twitter.com/cyb3rops/status/1081832573121318913 https://twitter.com/cyb3rops/status/1081711408256032771 https://t.co/o95WTNe3LK https://medium.com/@cyb3rops/my-take-on-the-massive-data-leak-affecting-german-politicians-and-public-figures-e7ca8d2b2513 https://twitter.com/cyb3rops/status/1081275943640072192 https://twitter.com/cyb3rops/status/1081098082652209152 https://t.co/LqkLjVSxOP https://github.com/Neo23x0/cyber-chef-recipes/blob/master/README.md https://twitter.com/cyb3rops/status/1080873166132649986 https://t.co/93mLSBPQIB https://twitter.com/cyb3rops/status/986641561873276933?s=21 https://twitter.com/cyb3rops/status/1080872246833569792 https://twitter.com/cyb3rops/status/1080821888027447297 
https://twitter.com/cyb3rops/status/1080815724321533952 https://t.co/i41LalhvY0 http://munin.py https://twitter.com/cyb3rops/status/1080815304882704384 https://twitter.com/cyb3rops/status/1080808131129675776 https://t.co/FjmG43yVDm https://github.com/Neo23x0/munin https://twitter.com/cyb3rops/status/1080783818657812480 https://twitter.com/cyb3rops/status/1080586901726396417 https://twitter.com/cyb3rops/status/1080566500044533760 https://t.co/VMo8C9mhkC https://github.com/Neo23x0/Loki/releases/tag/v0.29.1 https://twitter.com/cyb3rops/status/1080522386619973632 https://t.co/vvficebfuy https://www.nextron-systems.com/2019/01/02/50-shades-of-yara/ https://twitter.com/cyb3rops/status/1080396759736729601 https://t.co/yCeqIWjoPi https://github.com/Neo23x0/Loki/releases/tag/v0.29.0 https://twitter.com/cyb3rops/status/1080210714403442690 https://t.co/6J8fiPuCZp https://www.instructables.com/id/Hack-a-commercial-Cassette-into-a-recordable-one/ https://twitter.com/cyb3rops/status/1080203140794863616 https://t.co/6J8fiPuCZp https://www.instructables.com/id/Hack-a-commercial-Cassette-into-a-recordable-one/ https://twitter.com/cyb3rops/status/1080194575254409218 https://twitter.com/cyb3rops/status/1079797931211976704 https://t.co/doIa3g6fLE https://github.com/donnemartin/gitsome https://twitter.com/cyb3rops/status/1079732654294122496 https://t.co/1zvfXBnZEo https://github.com/Neo23x0/vti-dorks/blob/master/README.md https://twitter.com/cyb3rops/status/1079653040347643904 https://t.co/xIC5ZYYuDy https://www.alexanderjaeger.de/combining-virustotal-passivessl-and-timesketch/ https://twitter.com/cyb3rops/status/1079043283140124673 https://twitter.com/cyb3rops/status/1078994683668377601 https://twitter.com/cyb3rops/status/1078968313970151425 https://t.co/HnDHXVdGtu https://github.com/fabiospampinato/notable https://twitter.com/cyb3rops/status/1078687531577819139 https://t.co/6BkILRJnbn 
https://medium.com/@Sebdraven/goblin-panda-changes-the-dropper-and-reused-the-old-infrastructure-a35915f3e37a https://twitter.com/cyb3rops/status/1078673864903876613 https://twitter.com/cyb3rops/status/1078577991628804096 https://twitter.com/cyb3rops/status/1078305543050223616 https://twitter.com/cyb3rops/status/1078285984444354560 https://twitter.com/cyb3rops/status/1078283209874522113 https://t.co/GquB6mBzf6 https://www.youtube.com/playlist?list=PLN43v68nCimtXKndCmY1pIhQtCjClYjyf https://twitter.com/cyb3rops/status/1078273137060524032 https://t.co/kcbGtsiGUQ https://t.co/3YYDg20vY9 https://t.co/QFyU9Slew8 https://t.co/CI8VGVeXX9 https://www.youtube.com/watch?v=nybVFJVXbww http://dualec.org/ https://www.youtube.com/watch?v=R4PdRn4YKbE https://fooolix.blogspot.com/2018/02/chasing-x25519.html https://twitter.com/cyb3rops/status/1078203272391991296 https://twitter.com/cyb3rops/status/1077220231280496643 https://t.co/ZcVN2O9BLC https://icannwiki.org/.christmas https://twitter.com/cyb3rops/status/1077218599096467456 https://t.co/dCu7T8vS4e https://t.co/AJWQYs0VT6 https://t.co/JVg5ZZO9zN http://Virus.DOS.Christmas http://malware.wikia.com/wiki/Christmas https://www.youtube.com/watch?v=4EShH5Bw8DI https://twitter.com/cyb3rops/status/1077189267779141632 https://twitter.com/cyb3rops/status/1077169271707496448 https://t.co/yqzPUKoAmF https://www.news.com.au/technology/online/satellite-images-reveal-beijings-new-weapon-installed-in-south-china-sea/news-story/cab648e08563f31434a7d67d95aa8344 https://twitter.com/cyb3rops/status/1077130513792544769 https://twitter.com/cyb3rops/status/1076392996562788352 https://t.co/9eBSRdD7Kf https://docs.google.com/spreadsheets/d/e/2PACX-1vTheajUWzRhTK0XhSI3_RnYVtUJvl8mlX8HlThPyCJGK1g5SBecgS78O1oeTFQxDYS0oWlKTg2pNLyb/pubhtml https://twitter.com/cyb3rops/status/1076375235354611712 https://twitter.com/cyb3rops/status/1076370978358394880 https://t.co/p8mj6WF61K https://link.medium.com/oWv6u9EGQS 
https://twitter.com/cyb3rops/status/1075789692929499137 https://t.co/RqdRNhgbRj https://www.gov.uk/government/news/uk-and-allies-reveal-global-scale-of-chinese-cyber-campaign https://twitter.com/cyb3rops/status/1075657902659121152 https://t.co/NyATwQ9Llv https://t.co/GC6EzqwOYZ https://cdn.area1security.com/reports/Area-1-Security-PhishingDiplomacy.pdf https://www.nytimes.com/2018/12/18/us/politics/european-diplomats-cables-hacked.html https://twitter.com/cyb3rops/status/1075459837562155013 https://t.co/S1ALGXqye1 https://airtable.com/shr3Po3DsZUQZY4we/tbljpA5wI1IaLI4Gv/viwGFVFtuu0l88e7u https://twitter.com/cyb3rops/status/1075388870773145600 https://t.co/yR5oB9Ec0M https://www.energyvoice.com/oilandgas/188750/petrofac-confirms-system-security-breach/ https://twitter.com/cyb3rops/status/1075314699057680389 https://t.co/GC6EzqwOYZ https://www.nytimes.com/2018/12/18/us/politics/european-diplomats-cables-hacked.html https://twitter.com/cyb3rops/status/1075309420156993536 https://t.co/Tmb6ISWACP https://t.co/ojFJFP2PrI https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_hack_rubeus.yml https://www.harmj0y.net/blog/redteaming/from-kekeo-to-rubeus/ https://twitter.com/cyb3rops/status/1075302163969204224 https://t.co/9IxB8L9pxb https://en.wikipedia.org/wiki/Sandboxie https://twitter.com/cyb3rops/status/1075282141393707008 https://t.co/a98izqtyLz https://techcommunity.microsoft.com/t5/Windows-Kernel-Internals/Windows-Sandbox/ba-p/301849 https://twitter.com/cyb3rops/status/1075137614481682432 https://twitter.com/cyb3rops/status/1074989214591143937 https://twitter.com/cyb3rops/status/1074942469446471680 https://t.co/Q47EMSusEN https://www.humblebundle.com/books/hacking-for-the-holidays-books https://twitter.com/cyb3rops/status/1074641119676456965 https://t.co/gSKJXoQw3e https://blog.certfa.com/posts/the-return-of-the-charming-kitten/ https://twitter.com/cyb3rops/status/1074640108920414210 https://t.co/Ks4LojLC67 
https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/shamoon-returns-to-wipe-systems-in-middle-east-europe/ https://twitter.com/cyb3rops/status/1074632206344163328 https://twitter.com/cyb3rops/status/1074625896869490689 https://twitter.com/cyb3rops/status/1074625535601508353 https://twitter.com/cyb3rops/status/1074595610190327808 https://t.co/NeyDmnEppV https://support.microsoft.com/en-us/help/4052623/update-for-windows-defender-antimalware-platform https://twitter.com/cyb3rops/status/1074585127852933120 https://twitter.com/cyb3rops/status/1074583634982682624 https://twitter.com/cyb3rops/status/1073884679252701189 https://t.co/rw9Qja2NGk https://twitter.com/oscaron/status/1073235483440922625 https://twitter.com/cyb3rops/status/1073505284855906305 https://twitter.com/cyb3rops/status/1073485602614640640 https://twitter.com/cyb3rops/status/1073479920385515520 https://twitter.com/cyb3rops/status/1073215048829599745 https://twitter.com/cyb3rops/status/1073212431197986816 https://t.co/oJfyw2HocX https://www.cnet.com/how-to/where-to-find-the-hidden-three-finger-drag-option-in-os-x-el-capitan/ https://twitter.com/cyb3rops/status/1073207887638511622 https://t.co/o0vq0UV2Se https://t.co/bg4SAlS2pI https://github.com/Neo23x0/signature-base/blob/master/yara/gen_powershell_obfuscation.yar https://pastebin.com/LJZVAqUs https://twitter.com/cyb3rops/status/1073205418619559936 https://twitter.com/cyb3rops/status/1073203398340763648 https://twitter.com/cyb3rops/status/1073195878494679040 https://twitter.com/cyb3rops/status/1073185172395360256 https://t.co/utEXvoEPg2 https://www.virustotal.com/en/file/7100bd8d0faa7a7447c7470af44b44a136c8fe8e529240dab7d2cc3e1ef3f82e/analysis/ https://twitter.com/cyb3rops/status/1073181030008401921 https://t.co/NuaOF4HTfJ https://twitter.com/maartenvhb/status/1072562488967946241 https://twitter.com/cyb3rops/status/1073121557587861504 https://t.co/0eO9f8BFY0 https://t.co/Mbau6S0q2Y https://github.com/Neo23x0/Fnord https://pastebin.com/wXhyMBT5 
https://twitter.com/cyb3rops/status/1073116883619078144 https://t.co/gmYnqz6JP1 https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon https://twitter.com/cyb3rops/status/1073116388909334528 https://t.co/EkgZxgPxGb https://twitter.com/analyze_v/status/1072923678873022464 https://twitter.com/cyb3rops/status/1072982429617537024 https://t.co/jhKq6mxLwO https://threatvector.cylance.com/en_us/home/poking-the-bear-three-year-campaign-targets-russian-critical-infrastructure.html https://twitter.com/cyb3rops/status/1072803501426782208 https://t.co/9Kxxuru0Iw https://www.sweetscape.com/010editor/ https://twitter.com/cyb3rops/status/1072776595851673600 https://twitter.com/cyb3rops/status/1072772469256265729 https://twitter.com/cyb3rops/status/1072767215227817986 https://t.co/gmYnqz6JP1 https://t.co/ryPPZ9ck6W https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon https://github.com/Neo23x0/sysmon-version-history/blob/master/README.md https://twitter.com/cyb3rops/status/1072756866680283136 https://t.co/D8VphliNdi https://twitter.com/gN3mes1s/status/941315826107510784 https://twitter.com/cyb3rops/status/1072600490142326786 https://t.co/vSOOqOziIu https://www.reuters.com/article/us-supermicro-chips/super-micro-says-review-found-no-malicious-chips-in-motherboards-idUSKBN1OA12R https://twitter.com/cyb3rops/status/1072412931541876742 https://twitter.com/cyb3rops/status/1072408709605806080 https://t.co/9a8lyUEYcl https://twitter.com/cyb3rops/status/1072044598783033344?s=21 https://twitter.com/cyb3rops/status/1072378353599025152 https://t.co/9JcmiyqtQl https://www.bloomberg.com/news/articles/2018-12-10/middle-east-servers-targeted-in-cyberattack-against-saipem https://twitter.com/cyb3rops/status/1072274388559499264 https://twitter.com/cyb3rops/status/1072266300213391361 https://twitter.com/cyb3rops/status/1072114876548550657 https://twitter.com/cyb3rops/status/1072070818312667137 https://t.co/rTsoL2gozb https://twitter.com/cyb3rops/status/1071127750596067329 
https://twitter.com/cyb3rops/status/1072054175553462272 https://t.co/VygXg3uQGM https://app.any.run/tasks/9cf48533-203f-43fb-a696-cfc98a77c50f https://twitter.com/cyb3rops/status/1072051168598245376 https://twitter.com/cyb3rops/status/1072048804357115904 https://twitter.com/cyb3rops/status/1072044598783033344 https://t.co/Mn40yAiPul https://www.darkoperator.com/blog/2017/11/11/windows-defender-exploit-guard-asr-rules-for-office https://twitter.com/cyb3rops/status/1071398355308294144 https://twitter.com/cyb3rops/status/1071397114914242560 https://t.co/tf2RIYNKHv https://docs.google.com/spreadsheets/d/e/2PACX-1vQ0E0cItC_-A_SsCh0KoShu_CrFUCzvjZKASya9_oso0YWnLmAL-MO17pEoj2PgrmGhVu1fH95Zn4Rc/pubhtml https://twitter.com/cyb3rops/status/1071314579291025409 https://t.co/Un2gEn6t1x https://www.cyberscoop.com/australia-encryption-backdoors-law-passes/ https://twitter.com/cyb3rops/status/1071309075386982400 https://t.co/pLWbdNp9V5 http://uncoder.io https://twitter.com/cyb3rops/status/1071127750596067329 https://t.co/pPRaLoGmYt https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_office_shell.yml https://twitter.com/cyb3rops/status/1070969240067432448 https://t.co/6wCCLJqH5q https://fee.org/articles/fear-not-the-robots-jobs-arent-scarce/ https://twitter.com/cyb3rops/status/1070607574934925317 https://t.co/UW789YQ2UM https://t.co/qumON5peBt https://github.com/ztgrace/changeme https://github.com/govolution/betterdefaultpasslist https://twitter.com/cyb3rops/status/1070580120132481024 https://t.co/rJWDICTCom https://www.reuters.com/article/us-marriott-intnl-cyber-china-exclusive-idUSKBN1O504D https://twitter.com/cyb3rops/status/1070413304001105920 https://t.co/5eHqAQnNTE https://github.com/Neo23x0/signature-base/blob/master/yara/apt_triton_mal_sshdoor.yar https://twitter.com/cyb3rops/status/1070373671192154113 https://t.co/jN5c94DjXJ https://tweetenapp.com/ https://twitter.com/cyb3rops/status/1070341015972823040 
https://twitter.com/cyb3rops/status/1070332468484546563 https://twitter.com/cyb3rops/status/1070329528063586304 https://twitter.com/cyb3rops/status/1070327668736962560 https://twitter.com/cyb3rops/status/1070322512679055362 https://twitter.com/cyb3rops/status/1070317389810683904 https://twitter.com/cyb3rops/status/1069986010820423680 https://t.co/THVQmVbUkB https://github.com/Neo23x0/sigma/blob/master/rules/apt/apt_apt29_thinktanks.yml https://twitter.com/cyb3rops/status/1069847828585951232 https://twitter.com/cyb3rops/status/1069288474124189698 https://t.co/OJWnOn7sXX https://www.clearskysec.com/global-iranian-disinformation-operation/ https://twitter.com/cyb3rops/status/1068965060335280133 https://twitter.com/cyb3rops/status/1068915822691782657 https://t.co/yMUWKssYc4 https://www.emanueledelucia.net/apt28-targeting-military-institutions/ https://twitter.com/cyb3rops/status/1068847837776101376 https://twitter.com/cyb3rops/status/1068837043223097344 https://t.co/W2GhKi530Q https://www.microsoft.com/en-us/download/details.aspx?id=55319 https://twitter.com/cyb3rops/status/1068776636600979456 https://t.co/zztUIcXmMn https://t.co/KNGk5c8rXK https://docs.microsoft.com/en-us/windows/security/threat-protection/security-compliance-toolkit-10 https://blogs.technet.microsoft.com/secguide/2016/01/22/new-tool-policy-analyzer/ https://twitter.com/cyb3rops/status/1068772311183044608 https://t.co/tf2RIYNKHv https://docs.google.com/spreadsheets/d/e/2PACX-1vQ0E0cItC_-A_SsCh0KoShu_CrFUCzvjZKASya9_oso0YWnLmAL-MO17pEoj2PgrmGhVu1fH95Zn4Rc/pubhtml https://twitter.com/cyb3rops/status/1068559833606037509 https://twitter.com/cyb3rops/status/1068558179431260162 https://t.co/gD9Mbg97rP https://researchcenter.paloaltonetworks.com/2018/11/unit42-the-fractured-block-campaign-carrotbat-malware-used-to-deliver-malware-targeting-southeast-asia/ https://twitter.com/cyb3rops/status/1068484064427077632 https://t.co/s9WHTo1bFy https://github.com/Neo23x0/sigma/wiki/Converter-Tool-Sigmac 
https://twitter.com/cyb3rops/status/1068444726821625857 https://t.co/K7BZ0S4gQS https://blog.talosintelligence.com/2018/11/dnspionage-campaign-targets-middle-east.html https://twitter.com/cyb3rops/status/1068436701901742080 https://t.co/9egIiXoFzt https://t.co/D1bshnGuWc https://medium.com/@olafhartong/cobalt-strike-remote-threads-detection-206372d11d0f https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_cobaltstrike_process_injection.yml https://twitter.com/cyb3rops/status/1068412656158158848 https://t.co/SaLrnXynPj https://github.com/isaacs/github/issues/410 https://twitter.com/cyb3rops/status/1068185767204261888 https://t.co/iNettSzfNW https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g https://twitter.com/cyb3rops/status/1067844821430226944 https://t.co/y3fAdlOjqN https://t.co/KFHhoZLQvc https://www.patreon.com/posts/knockknock-2-0-22984508 https://objective-see.com/products/knockknock.html https://twitter.com/cyb3rops/status/1067765876508774402 https://t.co/9HyVwhrAqB https://support.f5.com/csp/article/K10026 https://twitter.com/cyb3rops/status/1067714281209249792 https://twitter.com/cyb3rops/status/1067693048887427072 https://twitter.com/cyb3rops/status/1067692448695140352 https://twitter.com/cyb3rops/status/1067691534680764416 https://twitter.com/cyb3rops/status/1067410783875866625 https://t.co/V6HO3p3flv https://twitter.com/cyb3rops/status/838407913664307204 https://twitter.com/cyb3rops/status/1066663576767774721 https://twitter.com/cyb3rops/status/1066660003149488128 https://twitter.com/cyb3rops/status/1065997006676639744 https://twitter.com/cyb3rops/status/1065874722540404736 https://t.co/vbP5XwCeXI https://t.co/TZ0KWxkmkg https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/november/turla-png-dropper-is-back/ https://github.com/Neo23x0/sigma/blob/master/rules/apt/apt_turla_service_png.yml https://twitter.com/cyb3rops/status/1065866149483741184 https://t.co/0mtqz7MyMu 
https://www.obdev.at/products/littlesnitch/index.html https://twitter.com/cyb3rops/status/1065863162589835265 https://t.co/PuLUN9EAgf https://t.co/J5JUTXcDO2 https://www.shodan.io/store/member https://help.shodan.io/the-basics/credit-types-explained https://twitter.com/cyb3rops/status/1065718334413553665 https://twitter.com/cyb3rops/status/1065713660859944961 https://twitter.com/cyb3rops/status/1065673626656100353 https://twitter.com/cyb3rops/status/1065670387437092864 https://t.co/OqF3xBwvHU https://t.co/VnOAjjnJRY https://app.any.run/tasks/54acca9a-394e-4384-a0c8-91a96d36c81d https://github.com/Neo23x0/sigma/blob/master/rules/apt/apt_sofacy_zebrocy.yml https://twitter.com/cyb3rops/status/1065533942722371584 https://t.co/yLGQn6QAgw https://pastebin.com/pro https://twitter.com/cyb3rops/status/1064895306272333825 https://t.co/zgjtdcUcxv https://github.com/Neo23x0/Fnord/releases/tag/v0.6 https://twitter.com/cyb3rops/status/1064893280314449921 https://t.co/b1qtG1Azfd https://www.virustotal.com/en/search/?query=casinganomalies https://twitter.com/cyb3rops/status/1064869770552635392 https://twitter.com/cyb3rops/status/1064866634433728513 https://t.co/00BgbVxZxS https://t.co/ZgAVSex8BY https://t.co/LnbEtyfn0Y https://www.virustotal.com/en/file/1ac23771c64cecaedfc5cb0290236d58b7518e03523844060408b24426d49172/analysis/ https://www.hybrid-analysis.com/sample/1147e9fd0eb9a3d6472c6243176d582583a4531855043e43e081d9df82fe6a7f?environmentId=100 https://app.any.run/tasks/0d2391ba-a97d-4bb7-af48-6877547c6733 https://twitter.com/cyb3rops/status/1064584994398580738 https://t.co/vXNDXuNmke https://github.com/Neo23x0/Fnord/releases/tag/v0.5 https://twitter.com/cyb3rops/status/1064552953187614726 https://twitter.com/cyb3rops/status/1064443873001463808 https://twitter.com/cyb3rops/status/1064216785589813249 https://t.co/0eO9f8BFY0 https://github.com/Neo23x0/Fnord https://twitter.com/cyb3rops/status/1063846478471487488 https://twitter.com/cyb3rops/status/1063838613320974336 
https://twitter.com/cyb3rops/status/1063812013405728768 https://twitter.com/cyb3rops/status/1063707189917954048 https://t.co/Q71yPI48P0 https://research.checkpoint.com/new-strain-of-olympic-destroyer-droppers/ https://twitter.com/cyb3rops/status/1063706690493841408 https://t.co/fGU02cl5fq https://t.co/hUOAuxlxKt https://t.co/jGFS9YVdVb https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_powershell_b64_shellcode.yml https://github.com/Neo23x0/sigma/blob/master/rules/windows/powershell/powershell_shellcode_b64.yml https://twitter.com/cyb3rops/status/1063072865992523776 https://twitter.com/cyb3rops/status/1063699506364067840 https://t.co/HTU9Wx746k http://v3lo.tistory.com/24 https://twitter.com/cyb3rops/status/1063510859123691520 https://twitter.com/cyb3rops/status/1063332820947476480 https://twitter.com/cyb3rops/status/1063314921260294144 https://t.co/CqMONlllGN http://english.alarabiya.net/en/features/2018/09/30/EXCLUSIVE-Why-the-fight-against-Qatar-s-US-cyber-attacks-is-not-over-yet.html https://twitter.com/cyb3rops/status/1063126297096974336 https://twitter.com/cyb3rops/status/1063098324226473984 https://twitter.com/cyb3rops/status/1063072865992523776 https://t.co/Zd17JtCXiL https://t.co/gyFi6MjBk6 https://github.com/Neo23x0/signature-base/blob/master/yara/gen_ps1_shellcode.yar https://docs.google.com/spreadsheets/d/1pyLGSEIFPsvcaiNfnyGWdhhr_QF_DvufjXApNemPdQU/edit#gid=804945577 https://twitter.com/cyb3rops/status/1063014565775097856 https://twitter.com/cyb3rops/status/1062799921592569856 https://twitter.com/cyb3rops/status/1062623461036773376 https://twitter.com/cyb3rops/status/1062430939572301826 https://twitter.com/cyb3rops/status/1062406425538973698 https://twitter.com/cyb3rops/status/1062405009428615168 https://twitter.com/cyb3rops/status/1062309135549636608 https://t.co/6eAGRTRIFt https://www.blockchain.com/btc/address/12SRjvqFo8MeZVc2UE9C8JQxkqsASRN9G5 https://twitter.com/cyb3rops/status/1062275871015387137 https://t.co/S4e4AiHft0 
https://t.co/6RLVRhKsgS https://github.com/thomaspatzke/dfirtrack/tree/dockerize#docker-environment https://twitter.com/cyb3rops/status/1062086485120290817 https://twitter.com/cyb3rops/status/1062269461884006400 https://t.co/xurQj0vcGt https://gchq.github.io/CyberChef/#recipe=From_Base64('A-Za-z0-9%2B/%3D',true)To_Hex('None')Disassemble_x86('32','Full%20x86%20architecture',16,0,true,true)&input= https://twitter.com/cyb3rops/status/1062251111363555330 https://t.co/9WAXGR1uro https://t.co/CI8VGVeXX9 https://t.co/fg9P6D6WBO https://fooolix.blogspot.com/2015/11/a-fail.html https://fooolix.blogspot.com/2018/02/chasing-x25519.html https://twitter.com/nikitab/status/1062161234173288449 https://twitter.com/cyb3rops/status/1062086485120290817 https://t.co/vrgIEORzeU https://github.com/stuhli/dfirtrack/blob/master/README.md https://twitter.com/cyb3rops/status/1061932626494320641 https://t.co/y6fhsGoNxh https://t.co/ugbMWHQc5A https://gist.github.com/rjsmitre/79775df68b0d1c7c0985b4fe7f115586 https://oasis-open.github.io/cti-documentation/stix/examples https://twitter.com/cyb3rops/status/1061540581120376832 https://t.co/oZjg0ErLLs https://researchcenter.paloaltonetworks.com/2017/11/unit42-recent-inpage-exploits-lead-multiple-malware-families/ https://twitter.com/cyb3rops/status/1061321207344173056 https://t.co/H4qFnOF1iM https://t.co/YT7FEF91Ed https://t.co/1frvoOZWeH https://youtu.be/G2_Q9FoD-oQ https://youtu.be/V4V2bpZlqx8 https://youtu.be/NgbK43jB4rQ https://twitter.com/cyb3rops/status/1061198084259102720 https://t.co/9R10cRCyC8 https://t.co/AvXEXp1gDm https://translate.google.com/translate?sl=auto&tl=en&js=y&prev=_t&hl=en&ie=UTF-8&u=https%3A%2F%2Fwww.heise.de%2Fsecurity%2Fmeldung%2FSchwerwiegendes-Schwachstelle-in-DSGVO-Plugin-fuer-WordPress-4217962.html&edit-text= https://twitter.com/heisec/status/1060893797293416448 https://twitter.com/cyb3rops/status/1060587337107886080 https://t.co/m8bxQCqbvh https://t.co/FY4jgO9A1o 
https://www.zdnet.com/article/us-cyber-command-starts-uploading-foreign-apt-malware-to-virustotal/ https://www.virustotal.com/en/user/CYBERCOM_Malware_Alert/ https://twitter.com/cyb3rops/status/1060584431734456321 https://t.co/FjmG43yVDm https://github.com/Neo23x0/munin https://twitter.com/cyb3rops/status/1060583504394813440 https://t.co/F1XxDBtsxH https://www.virustotal.com/#/search/invokeobfuscation https://twitter.com/cyb3rops/status/1060580425897263107 https://t.co/UVwIVYsfjR https://t.co/GgLpMTgJL6 https://www.virustotal.com/en/file/285e6f550560f0ce01bcf0a1a47350075cca366f9e4bf9b573fd5b03c5644b29/analysis/1541696517/ https://www.virustotal.com/en/documentation/public-api/ https://twitter.com/cyb3rops/status/1060548875193323521 https://t.co/OZmaS3QXaE https://www.intezer.com/the-researcher-view-blog-post/ https://twitter.com/cyb3rops/status/1060433530042363905 https://twitter.com/cyb3rops/status/1060305207467393024 https://t.co/6GkzX39Ktg https://github.com/Neo23x0/sigma/pull/191 https://twitter.com/cyb3rops/status/1060291262685814785 https://twitter.com/cyb3rops/status/1060278966043467776 https://twitter.com/cyb3rops/status/1060277137851252738 https://twitter.com/cyb3rops/status/1060275989928910848 https://twitter.com/cyb3rops/status/1059697482219900933 https://t.co/sAnJA69ELN https://github.com/Neo23x0/ti-falsepositives https://twitter.com/cyb3rops/status/1059577880299139072 https://twitter.com/cyb3rops/status/1059574986191581185 https://twitter.com/cyb3rops/status/1058058105639133186 https://t.co/gPaPxEo5XW https://github.com/Neo23x0/yarGen https://twitter.com/cyb3rops/status/1057943144036212741 https://t.co/ciEAARXy8q https://www.nextron-systems.com/2018/11/01/short-tutorial-how-to-create-a-yara-rule-for-a-compromised-certificate/ https://twitter.com/cyb3rops/status/1056934035019173896 https://twitter.com/cyb3rops/status/1056826638183342080 https://t.co/fkiZZNCsL3 https://t.co/xGO6MtxN1k https://tdm.socprime.com/leaderboards/ 
https://youtu.be/NyME0Idsq9w?t=2417 https://twitter.com/cyb3rops/status/1056823800019542016 https://twitter.com/cyb3rops/status/1055732322874605568 https://t.co/Wb3PSjziKH https://t.co/8NheLR7Fjs https://t.co/uNERxFePsV https://t.co/A7jvUw2BNW https://github.com/PUNCH-Cyber/YaraGuardian https://github.com/kevthehermit/YaraManager https://www.adlice.com/download/yaraeditorweb/ https://github.com/plyara/plyara/ https://twitter.com/cyb3rops/status/1055381104599932928 https://twitter.com/cyb3rops/status/1055365763622674438 https://t.co/54r9JQkDZ4 https://app.any.run/tasks/8efac477-35b1-4b31-84f3-44d9453f2a51 https://twitter.com/cyb3rops/status/1055173035836260353 https://t.co/n7OkZVs542 https://webexec.org/ https://twitter.com/cyb3rops/status/1055088337063723008 https://twitter.com/cyb3rops/status/1055072851819151366 https://t.co/QChrEl2SKH https://github.com/Neo23x0/sysmon-version-history https://twitter.com/cyb3rops/status/1054984654657331200 https://t.co/JbTMuaIOPj https://www.fireeye.com/content/dam/fireeye-www/blog/pdfs/dosfuscation-report.pdf https://twitter.com/cyb3rops/status/1054779474963763200 https://twitter.com/cyb3rops/status/1054689848609685505 https://twitter.com/cyb3rops/status/1054642152569999360 https://t.co/fXXJWPTxhZ https://t.co/CIMwOSZn5I https://github.com/Neo23x0/ti-falsepositives/blob/master/fp-hashes.py https://www.virustotal.com/en/file/ad7facb2586fc6e966c004d7d1d16b024f5805ff7cb47c7a85dabd8b48892ca7/analysis/ https://twitter.com/cyb3rops/status/1054142554579632128 https://t.co/x9zkKejSRi https://t.co/7hnc8K04eZ https://github.com/Neo23x0/signature-base/blob/master/yara/apt_greyenergy.yar https://www.welivesecurity.com/2018/10/17/greyenergy-updated-arsenal-dangerous-threat-actors/ https://twitter.com/cyb3rops/status/1053310530277072897 https://twitter.com/cyb3rops/status/1053181518196170753 https://t.co/JcJ4ZsdPop https://t.co/pefBKaXHEK https://github.com/Neo23x0/signature-base/blob/master/yara/vul_jquery_fileupload_cve_2018_9206.yar 
https://www.zdnet.com/article/zero-day-in-popular-jquery-plugin-actively-exploited-for-at-least-three-years/ https://twitter.com/cyb3rops/status/1052577564773048321 https://t.co/XVjztwRQAj https://t.co/KmgeceqdZ6 https://medium.com/@cyb3rops/improving-yara-rules-from-ta17-293a-dc9ab6e1818b https://github.com/Neo23x0/signature-base/blob/master/yara/apt_ta17_293A.yar https://twitter.com/cyb3rops/status/1052549221851705344 https://t.co/ehx2neLvUV https://www.libssh.org/2018/10/16/libssh-0-8-4-and-0-7-6-security-and-bugfix-release/ https://twitter.com/cyb3rops/status/1052460787036512257 https://t.co/VSe370eWfn https://www.youtube.com/channel/UCI6B0zYvK-7FdM0Vgh3v3Tg https://twitter.com/cyb3rops/status/1052459415721439232 https://t.co/SrXH8T0bFp https://administraitor.video/edition/MISP%20Summit/2018 https://twitter.com/cyb3rops/status/1052267015858081792 https://t.co/Sd8TuaFy6g https://amzn.to/2pVpstO https://twitter.com/cyb3rops/status/1052188397031313409 https://t.co/LqfQivxkoO https://www.virustotal.com/en/file/009c1a7cccd7db54f5bc036752a14a96085a14422bc8addeeda9147c236e0c54/analysis/ https://twitter.com/cyb3rops/status/1052105542553034753 https://twitter.com/cyb3rops/status/1052104745802981376 https://t.co/dkYZIv2muB https://github.com/Concinnity-Risks/LogisticalBudget https://twitter.com/cyb3rops/status/1051861653648760833 https://t.co/0EdzJ8dhrN https://securelist.com/octopus-infested-seas-of-central-asia/88200/ https://twitter.com/cyb3rops/status/1051040925672198145 https://twitter.com/cyb3rops/status/1050799333187248129 https://twitter.com/cyb3rops/status/1050757941865910272 https://twitter.com/cyb3rops/status/1050157410256588801 https://t.co/swO3IdLtQ7 https://blog.didierstevens.com/2018/10/10/keihash-fingerprinting-ssh/amp/ https://twitter.com/cyb3rops/status/1050157059034030080 https://t.co/gd7ZY3x0zv https://www.symantec.com/blogs/threat-intelligence/gallmaker-attack-group https://twitter.com/cyb3rops/status/1050153990971957250 https://t.co/HYKDCygnoE 
https://www.cyberscoop.com/rob-joyce-bloomberg-story-supply-chain/ https://twitter.com/cyb3rops/status/1050017091955380225 https://t.co/MGeMPzSjL1 https://t.co/z5GMVCJPMx https://t.co/ec2ItUhNqF https://securelist.com/muddywater/88059/ https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_shell_spawn_susp_program.yml https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_mshta_spawn_shell.yml https://twitter.com/cyb3rops/status/1049702379103367168 https://twitter.com/cyb3rops/status/1049699794250293249 https://t.co/SUDgDwwWfA https://www.bloomberg.com/news/articles/2018-10-09/new-evidence-of-hacked-supermicro-hardware-found-in-u-s-telecom https://twitter.com/cyb3rops/status/1049308124157566977 https://twitter.com/cyb3rops/status/1049307558371086336 https://twitter.com/cyb3rops/status/1049302247077810176 https://twitter.com/cyb3rops/status/1049193863057956864 https://t.co/uYVDetwJse https://www.youtube.com/watch?v=YGJaj6_3dGA https://twitter.com/cyb3rops/status/1048586261609558016 https://t.co/du9sUsdUjn https://github.com/Neo23x0/sigma/blob/master/rules/proxy/proxy_ua_suspicious.yml#L23 https://twitter.com/cyb3rops/status/1048500161482317825 https://twitter.com/cyb3rops/status/1048497165713203200 https://twitter.com/cyb3rops/status/1048496861076750336 https://twitter.com/cyb3rops/status/1048495004526825472 https://twitter.com/cyb3rops/status/1048492977226694656 https://twitter.com/cyb3rops/status/1048492752885960704 https://t.co/ZvcMq3LHeV https://t.co/WK1UuAstvE https://www.heise.de/forum/iX/News-Kommentare/Code-of-Conduct-fuer-Linux-Mit-Buerokratie-zum-Duckmaeusertum/CoC-Dramas-bei-Opal-Django-Ruby-PHP-Node-js-Drupal/posting-33200098/show/ https://www.youtube.com/watch?v=nND3EYzIONg https://twitter.com/cyb3rops/status/1048233992133201921 https://twitter.com/cyb3rops/status/1048184845430677504 https://t.co/JFA489LhPX https://github.com/socprime/SigmaUI https://twitter.com/cyb3rops/status/1047918660893986816 
https://twitter.com/cyb3rops/status/1047916299333062656 https://t.co/JC9v0g5CaG https://arstechnica.com/information-technology/2017/02/apple-axed-supermicro-servers-from-datacenters-because-of-bad-firmware-update/ https://twitter.com/cyb3rops/status/1047868202020163585 https://t.co/IxkL0gQlTO https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies https://twitter.com/cyb3rops/status/1047578448905084930 https://t.co/zwW3g5OrtP https://www.fireeye.com/blog/threat-research/2018/10/apt38-details-on-new-north-korean-regime-backed-threat-group.html https://twitter.com/cyb3rops/status/1047402852682006528 https://t.co/QktLkQEm6b https://www.us-cert.gov/ncas/analysis-reports/AR18-275A https://twitter.com/cyb3rops/status/1047085893251678208 https://twitter.com/cyb3rops/status/1047081849112158213 https://twitter.com/cyb3rops/status/1047076531531603968 https://twitter.com/cyb3rops/status/1047075442975547392 https://twitter.com/cyb3rops/status/1047072477950689281 https://t.co/4cnFzDB1Of https://t.co/nsZkgTTxLk http://blog.inquest.net/blog/2018/09/30/yara-performance/ https://gist.github.com/Neo23x0/e3d4e316d7441d9143c7 https://twitter.com/cyb3rops/status/1046684282058657792 https://t.co/nC6WokBKU5 https://twitter.com/bad_packets/status/1046469669341675520 https://twitter.com/cyb3rops/status/1046401252328960000 https://t.co/hUg1zsZrTF http://amazon.com https://twitter.com/cyb3rops/status/1046333876791062528 https://twitter.com/cyb3rops/status/1046138442453848064 https://twitter.com/cyb3rops/status/1046133826450325505 https://t.co/IjhjrCPv6u https://www.youtube.com/watch?v=jE1qYGe72y8 https://twitter.com/cyb3rops/status/1045956335349714944 https://twitter.com/cyb3rops/status/1045721417675878400 https://twitter.com/cyb3rops/status/1045347007232188416 https://t.co/OakllS8wwq https://medium.com/chronicle-blog/introducing-virustotal-enterprise-3a1607d79334 https://twitter.com/cyb3rops/status/1045230918041055233 
https://t.co/mVQC6uodY7 https://www.virustotal.com/en/file/8c630e7a06e0b52806c1147fc9b72a72d7106d2fef0374b57b535c9d72e6cc90/analysis/ https://twitter.com/cyb3rops/status/1045061014683885569 https://t.co/JUim1jeUM6 https://t.co/Vlp17F3r6e https://pastebin.com/NeXwixEX https://github.com/Neo23x0/radiocarbon https://twitter.com/cyb3rops/status/1045022311714304001 https://t.co/HkuykjhZDe https://blog.talosintelligence.com/2018/09/vpnfilter-part-3.html https://twitter.com/cyb3rops/status/1044867677557313536 https://twitter.com/cyb3rops/status/1044627078526771201 https://t.co/WdBcBNcraw https://www.owasp.org/index.php/OWASP_Juice_Shop_Project https://twitter.com/cyb3rops/status/1044624064663433217 https://t.co/TQyAOxIAmY https://t.co/Y0yheNhHds https://patzke.org/introducing-generic-log-sources-in-sigma.html https://github.com/Neo23x0/sigma/tree/project-1 https://twitter.com/cyb3rops/status/1044584841063235586 https://t.co/a1ZOj3kAfi https://t.co/9Slm2f2wQn https://gist.github.com/Neo23x0/cd4934a06a616ecf6cf44e36f323e551 https://github.com/fireeye/flare-floss https://twitter.com/cyb3rops/status/1044489990477107200 https://t.co/sRF2MylNah https://github.com/Neo23x0/auditd https://twitter.com/cyb3rops/status/1044219355817488386 https://t.co/hn4EmKJ50e https://t.co/4GL6lvEBbU https://www.virustotal.com/en/file/d451b7af9505786e64c976003cabc852d75ad114f1112297ef009de26ab5adc0/analysis/ https://cse.google.com/cse?cx=003248445720253387346:turlh5vi4xc https://twitter.com/cyb3rops/status/1044212531915608064 https://t.co/yVnUJ0xhA6 https://malware.one https://twitter.com/cyb3rops/status/1044198528229232640 https://twitter.com/cyb3rops/status/1044188829194833920 https://t.co/HtZ7ShcvX8 https://t.co/ITnqwMJPdc https://github.com/Neo23x0/sigma/issues/94 https://github.com/Neo23x0/sigma/pull/172 https://twitter.com/cyb3rops/status/1043150758110064640 https://t.co/72k1HXJfyr http://www.megabeets.net/fantastic-malware-and-where-to-find-them/ 
https://twitter.com/cyb3rops/status/1043026761775108116 https://t.co/dkGMduoJLA https://ti.360.net/uploads/2018/09/20/6f8ad451646c9eda1f75c5d31f39f668.pdf https://twitter.com/cyb3rops/status/1042375493637558273 https://twitter.com/cyb3rops/status/1042311558305669120 https://t.co/FD6On5klyH https://t.co/ooZsgTYHQp https://github.com/Neo23x0/signature-base/blob/master/yara/gen_susp_lnk_files.yar https://docs.google.com/spreadsheets/d/1oldxGjx17u2oYbGp-MbxsLebMBye-7IxaYqDt5hrd0w/edit?usp=sharing https://twitter.com/cyb3rops/status/1042091463226675201 https://twitter.com/cyb3rops/status/1042089990547824640 https://t.co/cYdzWRKXSh https://t.co/L2apuB9H5t https://www.virustotal.com/en/file/d497a1f7704dc963ca35eba0656684118a47fbdcaad8d67373179dae0c2c175b/analysis/ https://www.virustotal.com/en/search/?query=link https://twitter.com/cyb3rops/status/1042088594268151813 https://twitter.com/cyb3rops/status/1041663739597082625 https://t.co/9lo5PGlwn0 https://www.nextron-systems.com/notes-on-virustotal-matches/ https://twitter.com/cyb3rops/status/1041663277162524678 https://t.co/w3MBiFNnwZ https://t.co/vVx1gsO4dk https://godbolt.org https://github.com/mattgodbolt/compiler-explorer https://twitter.com/cyb3rops/status/1041601242462670848 https://twitter.com/cyb3rops/status/1041575796341653506 https://t.co/YC2NH008Tn https://github.com/Neo23x0/signature-base/blob/master/yara/gen_sfx_with_microsoft_copyright.yar https://twitter.com/cyb3rops/status/1040854722247307264 https://twitter.com/cyb3rops/status/1040368739412262913 https://t.co/N8PgIqgv2i https://github.com/Neo23x0/signature-base/blob/master/yara/gen_susp_office_dropper.yar https://twitter.com/cyb3rops/status/1040353907858448385 https://t.co/Dlo76H3NSR https://cloudblogs.microsoft.com/microsoftsecure/2018/09/12/office-vba-amsi-parting-the-veil-on-malicious-macros/ https://twitter.com/cyb3rops/status/1040352039203684352 https://t.co/sw01inXLk9 https://blogs.cisco.com/security/talos/siganalyzer-signature-analysis-with-casc 
https://twitter.com/cyb3rops/status/1039911451203395584 https://t.co/Wc9Apo6qoU https://www.cnet.com/news/eu-votes-to-adopt-upload-filters-as-part-of-internet-copyright-law/ https://twitter.com/cyb3rops/status/1039632152844017664 https://t.co/JgKCHZuqb5 https://sploitus.com https://twitter.com/cyb3rops/status/1039503778301587456 https://t.co/wdClYcvN9Y https://twitter.com/gerritzc/status/974398783038607362?s=21 https://twitter.com/cyb3rops/status/1039443020448444416 https://twitter.com/cyb3rops/status/1039410828225769472 https://twitter.com/cyb3rops/status/1039407128048533504 https://twitter.com/cyb3rops/status/1039074927922634753 https://twitter.com/cyb3rops/status/1039023695409369088 https://t.co/7cJGPCNGdJ https://www.misp-project.org/2018/09/06/MISP.2.4.95.released.html https://twitter.com/cyb3rops/status/1038898081067134977 https://twitter.com/cyb3rops/status/1038897974024314881 https://twitter.com/cyb3rops/status/1038822638653763584 https://twitter.com/cyb3rops/status/1038792542823833601 https://twitter.com/cyb3rops/status/1038716989303414786 https://t.co/ogNPRjWprL https://t.co/FWP9f7DLeb https://t.co/s9WHTo1bFy https://github.com/Neo23x0/sigma/tree/master/rules/windows/malware https://www.nextron-systems.com/2018/09/08/antivirus-event-analysis-cheat-sheet-v1-4/ https://github.com/Neo23x0/sigma/wiki/Converter-Tool-Sigmac https://twitter.com/cyb3rops/status/1038506465982640128 https://twitter.com/cyb3rops/status/1038482174620696576 https://t.co/rMfyR9K5xK https://soundcloud.com/florian-roth-10/master-control-program-mix https://twitter.com/cyb3rops/status/1038473718547341312 https://t.co/Hyv4wNG1uS https://t.co/mSJ1BcsRD5 https://t.co/yZzsOlSWqL https://www.virustotal.com/en/file/992c72f7b10e889a9d6b39f1af926b2c6101ee8f70ab6fe4c17a85db2bab19e9/analysis/ https://www.hybrid-analysis.com/sample/992c72f7b10e889a9d6b39f1af926b2c6101ee8f70ab6fe4c17a85db2bab19e9/5b93d89c7ca3e109575146b3 https://beta.virusbay.io/sample/browse/5d6050cfdea66e370089126c9eb6ebf7 
https://twitter.com/cyb3rops/status/1038441849856450560 https://twitter.com/cyb3rops/status/1038438849440112647 https://t.co/FWP9f7DLeb https://www.nextron-systems.com/2018/09/08/antivirus-event-analysis-cheat-sheet-v1-4/ https://twitter.com/cyb3rops/status/1038344524320464897 https://t.co/T3d5tHg1RK https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_susp_powershell_hidden_b64_cmd.yml https://twitter.com/cyb3rops/status/1038302420340748289 https://t.co/PEdETB7eJU https://blog.trendmicro.com/trendlabs-security-intelligence/the-urpage-connection-to-bahamut-confucius-and-patchwork/ https://twitter.com/cyb3rops/status/1038001186836819968 https://twitter.com/cyb3rops/status/1037966767023382529 https://twitter.com/cyb3rops/status/1037947273769086976 https://twitter.com/cyb3rops/status/1037742481050361857 https://t.co/pLWbdNp9V5 http://uncoder.io https://twitter.com/cyb3rops/status/1037634184167260160 https://t.co/IyxTcdWoiP https://www.virustotal.com/#/graph-overview https://twitter.com/cyb3rops/status/1037440663007182848 https://t.co/m1B80KLqbh http://www.8bitdash.com/ https://twitter.com/cyb3rops/status/1037403232920854530 https://t.co/Zb8cUYymyU https://msdn.microsoft.com/en-us/library/cc422924.aspx https://twitter.com/cyb3rops/status/1037398820265619456 https://twitter.com/cyb3rops/status/1037318345392041984 https://t.co/pLWbdNp9V5 https://t.co/yRHvTNdea4 http://uncoder.io https://uncoder.io https://twitter.com/cyb3rops/status/1037231145132478464 https://t.co/fZAhtilZyI https://github.com/Neo23x0/ti-falsepositives/ https://twitter.com/cyb3rops/status/1037027487711223810 https://twitter.com/cyb3rops/status/1036986766673281025 https://t.co/lBuJBRJOBZ https://babun.github.io/ https://twitter.com/cyb3rops/status/1036967686062985218 https://t.co/HTGCF9JOfP https://www.loggly.com/blog/five-invaluable-techniques-to-improve-regex-performance/ https://twitter.com/cyb3rops/status/1036867159459287040 https://twitter.com/cyb3rops/status/1036643422759804928 
https://twitter.com/cyb3rops/status/1036642978167758848 https://t.co/5qhi6TwSuy https://t.co/YGRqV5r6FY https://tinyurl.com/decryptgpp https://twitter.com/virusbtn/status/1036637955308376069 https://twitter.com/cyb3rops/status/1036638865946279936 https://twitter.com/cyb3rops/status/1036632655461318656 https://twitter.com/cyb3rops/status/1036632083110809601 https://twitter.com/cyb3rops/status/1036614901240877056 https://twitter.com/cyb3rops/status/1036599295020097536 https://twitter.com/cyb3rops/status/1036579963007389696 https://twitter.com/cyb3rops/status/1036532855147569153 https://t.co/tnfZhWgCwo https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_susp_powershell_enc_cmd.yml https://twitter.com/cyb3rops/status/1036253029316616192 https://twitter.com/cyb3rops/status/1036250103311417345 https://t.co/MFx52khsWa https://youtu.be/tdLBzfFGFQU https://twitter.com/cyb3rops/status/1036238201386610688 https://twitter.com/cyb3rops/status/1036236601708433414 https://t.co/530GskJQAZ https://m.soundcloud.com/florian-roth-10/ayn-rand-capitalism-the-ideal https://twitter.com/cyb3rops/status/1036234995759759361 https://twitter.com/cyb3rops/status/1036214110977966080 https://twitter.com/cyb3rops/status/1035478596779950080 https://twitter.com/cyb3rops/status/1035427250269827072 https://twitter.com/cyb3rops/status/1035233587640127489 https://twitter.com/cyb3rops/status/1035174386041585664 https://twitter.com/cyb3rops/status/1035170964965875712 https://twitter.com/cyb3rops/status/1035137485087682560 https://twitter.com/cyb3rops/status/1035091914071191552 https://twitter.com/cyb3rops/status/1035083881358221313 https://twitter.com/cyb3rops/status/1035075590129369088 https://twitter.com/cyb3rops/status/1035059761870462979 https://twitter.com/cyb3rops/status/1035059297976311809 https://twitter.com/cyb3rops/status/1034798207694499841 https://twitter.com/cyb3rops/status/1034793945581191168 https://twitter.com/cyb3rops/status/1034792495186628609 https://t.co/7Rcgmvkne4 
https://airtable.com/shr3Po3DsZUQZY4we https://twitter.com/cyb3rops/status/1034776454536617984 https://twitter.com/cyb3rops/status/1034775676166000640 https://twitter.com/cyb3rops/status/1034747745351991296 https://twitter.com/cyb3rops/status/1034742711520309248 https://t.co/h6KPw1JdCG https://github.com/gentilkiwi/mimikatz/issues/16 https://twitter.com/cyb3rops/status/1034740192954003456 https://twitter.com/cyb3rops/status/1034559677839941633 https://t.co/3t78iUsZ5T https://github.com/tylabs/dovehawk https://twitter.com/cyb3rops/status/1034371504002265089 https://t.co/dZ2Reg0TV0 https://t.co/qfwNcMbug5 http://threatfeeds.io https://threatfeeds.io/ https://twitter.com/cyb3rops/status/1034166297658056705 https://twitter.com/cyb3rops/status/1034104545310375936 https://twitter.com/cyb3rops/status/1034104072285118465 https://twitter.com/cyb3rops/status/1033786221481406464 https://twitter.com/cyb3rops/status/1033784004535898115 https://t.co/IYjhYHz2pD https://t.co/ywqftn4q2P https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_susp_procdump.yml http://blog.gentilkiwi.com/securite/mimikatz/minidump https://twitter.com/cyb3rops/status/1033277604378431488 https://t.co/OeLgLbteBC https://github.com/firstlookmedia/gpgsync https://twitter.com/cyb3rops/status/1032987907643113472 https://twitter.com/cyb3rops/status/1032929539104681984 https://t.co/9pxh7jCnRg https://github.com/tennc/webshell/issues/27 https://twitter.com/cyb3rops/status/1032921141831184384 https://twitter.com/cyb3rops/status/1032918288886624256 https://twitter.com/cyb3rops/status/1032913661638131712 https://twitter.com/cyb3rops/status/1032906739899944961 https://twitter.com/cyb3rops/status/1032582295209889797 https://twitter.com/cyb3rops/status/1032580528770375680 https://t.co/XRsahefpks https://malware-research.org/slack/ https://twitter.com/cyb3rops/status/1032580255054225408 https://twitter.com/cyb3rops/status/1032575688845475840 https://twitter.com/cyb3rops/status/1032567819270012928 
https://twitter.com/cyb3rops/status/1032550679972376577 https://twitter.com/cyb3rops/status/1032550424279216129 https://t.co/FjmG43yVDm https://github.com/Neo23x0/munin https://twitter.com/cyb3rops/status/1032367289901830145 https://t.co/FjmG43hkeM https://github.com/Neo23x0/munin https://twitter.com/cyb3rops/status/1032257701022244864 https://t.co/q8uHcqSfUG https://www.welivesecurity.com/2018/08/22/turla-unique-outlook-backdoor/ https://twitter.com/cyb3rops/status/1032233532515667968 https://t.co/N2fznlvSSm https://www.secureworks.com/research/threat-group-3279-targets-the-video-game-industry#up2 https://twitter.com/cyb3rops/status/1031839163878920192 https://t.co/3mVLnUgjdQ https://t.co/cOnTCc8e7T https://www.virustotal.com/en/file/587cdb5ce1d7d16724a0003f112266889f0961b5d9591876ade1d3cbe30b3417/analysis/ https://app.any.run/tasks/46e3f39c-7951-4324-a7fd-7c3e5f89cfa8 https://twitter.com/cyb3rops/status/1031474949423280128 https://t.co/Ayy8X6pVMH https://github.com/ncsa/ssh-auditor https://twitter.com/cyb3rops/status/1031175767516954625 https://twitter.com/cyb3rops/status/1031122313276780544 https://t.co/w13jwpWQNz https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/foreshadow-l1tf-intel-processor-vulnerabilities-what-you-need-to-know https://twitter.com/cyb3rops/status/1031118107740446722 https://twitter.com/cyb3rops/status/1031106666266275840 https://t.co/3LeyPQrMBS https://www.youtube.com/watch?v=JAGdGRvNVuk https://twitter.com/cyb3rops/status/1031096200181829632 https://t.co/8AItdKeYcx https://docs.oasis-open.org/cti/stix/v2.0/stix-v2.0-part5-stix-patterning.html https://twitter.com/cyb3rops/status/1030763015463952384 https://t.co/y5Xxgg01af https://intrusiontruth.wordpress.com/2018/08/15/apt10-was-managed-by-the-tianjin-bureau-of-the-chinese-ministry-of-state-security/ https://twitter.com/cyb3rops/status/1030503748160970752 https://t.co/X0O1rwMNkx https://www.recordedfuture.com/chinese-cyberespionage-operations/ 
https://twitter.com/cyb3rops/status/1030127496254156801 https://t.co/q7GhzFJPwu https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml# https://twitter.com/cyb3rops/status/1030125256902631426 https://t.co/aYM5wJmGv3 https://t.co/15PtnDWNNK https://www.malware-traffic-analysis.net/index.html https://packettotal.com https://twitter.com/cyb3rops/status/1030122046049665024 https://t.co/PFzpuOIxdi https://t.co/n8NhEeRs9X https://t.co/8aItEOHKCd https://twitter.com/thor_scanner/status/1030066114162774016 https://twitter.com/thor_scanner/status/1012620327132848128 https://www.nextron-systems.com/spark-core/ https://twitter.com/cyb3rops/status/1030067255873359873 https://t.co/8wrXctPqQs https://lnav.org/ https://twitter.com/cyb3rops/status/1029818856557215744 https://t.co/sYJaufeCUf https://t.co/Ujelam6Yjm https://www.virustotal.com/en/file/5c65a8ab89ad6e82edf403b30b62db997db83c0bf4560a0d98c9ce07a55f264a/analysis/ https://beta.virusbay.io/sample/browse/883c325aa1f21801ca52ad3ac4047e8a https://twitter.com/cyb3rops/status/1029682461171769344 https://t.co/V6HO3p3flv https://twitter.com/cyb3rops/status/838407913664307204 https://twitter.com/cyb3rops/status/1029265275655479297 https://t.co/3qLLQb3BTU https://intrusiontruth.wordpress.com/2018/08/09/was-apt10-the-work-of-individuals-a-company-or-the-state/ https://twitter.com/cyb3rops/status/1028731437074337792 https://twitter.com/cyb3rops/status/1028628767206457344 https://twitter.com/cyb3rops/status/1028199733356126208 https://t.co/RlWirEUqPz https://t.co/4GX5fPcVwY https://t.co/4xQ8G2mNap https://t.co/o4duX5XQDR https://www.sans.org/reading-room/whitepapers/tools/yara-rules-rule-basic-advanced-38560 https://www.first.org/resources/papers/conference2014/first_2014_-_schuster-_andreas_-_yara_basic_and_advanced_20140619.pdf https://files.sans.org/summit/Threat_Hunting_Incident_Response_Summit_2016/PDFs/To-Catch-an-APT-YARA-Jay-DiMartino.pdf https://www.youtube.com/watch?v=YFVZ-tjjWos 
https://twitter.com/cyb3rops/status/1027992698060513280 https://t.co/j8utHrDgVW https://sdevprog.blogspot.com/2018/04/overview-of-efficient-programming.html https://twitter.com/cyb3rops/status/1027990248574394368 https://t.co/rgvwmrxPJC https://twitter.com/thor_scanner/status/1024574447871766528 https://twitter.com/cyb3rops/status/1027890467034345473 https://t.co/9lo5PGlwn0 https://www.nextron-systems.com/notes-on-virustotal-matches/ https://twitter.com/cyb3rops/status/1027820753016840192 https://twitter.com/cyb3rops/status/1027582666604994560 https://twitter.com/cyb3rops/status/1027470780454592512 https://twitter.com/cyb3rops/status/1027466251814293510 https://t.co/gPaPxEo5XW https://github.com/Neo23x0/yarGen https://twitter.com/cyb3rops/status/1027194320229740545 https://t.co/ZGON8yIZ8h https://t.co/MrJWUTTqQ4 https://t.co/s9WHTo1bFy https://github.com/Neo23x0/sigma/tree/master/tools https://github.com/Neo23x0/sigma/tree/master/tools/sigma/backends https://github.com/Neo23x0/sigma/wiki/Converter-Tool-Sigmac https://twitter.com/cyb3rops/status/1027165094831108096 https://t.co/teZcWrXGYK https://researchcenter.paloaltonetworks.com/2018/08/unit42-darkhydrus-uses-phishery-harvest-credentials-middle-east/ https://twitter.com/cyb3rops/status/1026724891809251328 https://twitter.com/cyb3rops/status/1026123258628849665 https://twitter.com/cyb3rops/status/1026037774212849664 https://t.co/17MFUhgjZR https://t.co/HQV8I1bxrC https://gist.github.com/Neo23x0/9fe88c0c5979e017a389b90fd19ddfee https://twitter.com/binitamshah/status/1025987181439938560 https://twitter.com/cyb3rops/status/1025867820045873153 https://t.co/PCLouOmbF3 https://isc.sans.edu/diary.html https://twitter.com/cyb3rops/status/1025672816128155649 https://t.co/q7QJC0DiPs https://cse.google.com/cse?q=+&cx=003248445720253387346:turlh5vi4xc https://twitter.com/cyb3rops/status/1025061005234200577 https://t.co/dTmDVfqLpx https://ghostbin.com/paste/99hcc https://twitter.com/cyb3rops/status/1025055938468818944 
https://t.co/uIcyh8m6jm https://www.crowdstrike.com/blog/arrests-put-new-focus-on-carbon-spider-adversary-group/ https://twitter.com/cyb3rops/status/1024956170757451776 https://t.co/OLpDCST1db https://t.co/1L0NEQrlPS https://blog.nviso.be/2018/08/02/powershell-inside-a-certificate-part-3/ https://github.com/Neo23x0/signature-base/blob/master/yara/gen_cert_payloads.yar https://twitter.com/cyb3rops/status/1024941800807694336 https://t.co/JJCDOMnCv2 https://learn.cisecurity.org/benchmarks https://twitter.com/cyb3rops/status/1024939696466477057 https://t.co/BlXNkzqrOW https://github.com/JPCERTCC/LogonTracer https://twitter.com/cyb3rops/status/1024938742073749505 https://t.co/DdEZYdWyCR https://t.co/NLUn8W64tQ https://medium.com/@dubistkomisch/set-up-2fa-two-factor-authentication-for-paypal-with-google-authenticator-or-other-totp-client-60fee63bfa4f https://www.paypal-community.com/t5/About-Protections/How-to-get-a-2FA-OTP-Security-Key-without-the-Symantec-VIP/td-p/1306269 https://twitter.com/cyb3rops/status/1024655820267704320 https://t.co/pNELWW6Aky http://github.com/Neo23x0/munin/ https://twitter.com/cyb3rops/status/1024587208496500737 https://t.co/Dd1vVIVjAk https://github.com/certsocietegenerale/IRM https://twitter.com/cyb3rops/status/1024326878696484864 https://twitter.com/cyb3rops/status/1024208220989140992 https://t.co/pkLOzlgffm https://github.com/hy00un/Hyara https://twitter.com/cyb3rops/status/1024028052593037313 https://t.co/lSgunkLj4N https://www.humblebundle.com/books/cybersecurity-wiley-books https://twitter.com/cyb3rops/status/1023940315487633408 https://twitter.com/cyb3rops/status/1022835040353439744 https://twitter.com/cyb3rops/status/1022521551403540480 https://t.co/4n0thx5COV https://www.intezer.com/mitigating-emotet-the-most-common-banking-trojan/ https://twitter.com/cyb3rops/status/1022244247658029056 https://twitter.com/cyb3rops/status/1021433991738642435 https://t.co/gLPqlZ14hA https://t.co/te8FHSq1WP http://Google.com http://G00gle.com 
https://twitter.com/cyb3rops/status/1021207174322810880 https://twitter.com/cyb3rops/status/1021146911749935104 https://twitter.com/cyb3rops/status/1021141162529345536 https://t.co/s6P6CrHrjt https://t.co/Glw6Y0x01Y https://github.com/Neo23x0/sigma/blob/master/rules/web/web_cve_2018_2894_weblogic_exploit.yml https://twitter.com/pyn3rd/status/1020620932967223296 https://twitter.com/cyb3rops/status/1021136830727704576 https://t.co/6pixs3AC18 https://t.co/4LV7ZAwUGv https://t.co/Glw6Y0x01Y https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2894 https://github.com/LandGrey/CVE-2018-2894 https://twitter.com/pyn3rd/status/1020620932967223296 https://twitter.com/cyb3rops/status/1020701673386278912 https://twitter.com/cyb3rops/status/1020075234018447361 https://t.co/jK4ZCBxObf https://t.co/G5fM0KHWoF https://t.co/yar8u4T0br https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_susp_reg_persist_explorer_run.yml https://app.any.run/tasks/e1a6b565-6cad-4f79-82d8-9bc55da5598b https://researchcenter.paloaltonetworks.com/2018/07/unit42-upatre-continues-evolve-new-anti-analysis-techniques/ https://twitter.com/cyb3rops/status/1019767523594694656 https://twitter.com/cyb3rops/status/1019639829515067392 https://t.co/jvEeHORqep https://t.co/l9H2burWP7 https://passwordstore.org https://qtpass.org https://twitter.com/cyb3rops/status/1019634084342063104 https://t.co/vL1cDRNnrT https://t.co/4y7XJqTk5d https://t.co/yjO9O8uibj https://www.passwordstore.org http://syspass.org https://teampass.net https://twitter.com/cyb3rops/status/1019420532339552258 https://t.co/Mpo8cn1LFR https://www.nextron-systems.com/2018/06/28/spark-applies-sigma-rules-in-eventlog-scan/ https://twitter.com/cyb3rops/status/1019393408757108737 https://t.co/5Ej76c1RH3 https://github.com/Neo23x0/sigma/blob/master/images/sigma_infographic_lq.png https://twitter.com/cyb3rops/status/1019383913268043777 https://t.co/MKcLl4A33j https://github.com/Neo23x0/sigma/pull/115 
https://twitter.com/cyb3rops/status/1019235867616006145 https://t.co/YF0uM9JrYO https://t.co/t3RNWaPiRr https://www.youtube.com/watch?v=hld8pP1Wzvs https://www.troopers.de/troopers18/agenda/8qvkpu/ https://twitter.com/cyb3rops/status/1019037811243208704 https://twitter.com/cyb3rops/status/1019037123788369920 https://twitter.com/cyb3rops/status/1019035031669485568 https://twitter.com/cyb3rops/status/1019032086810972168 https://t.co/U3CRUme3xN https://t.co/ETvrTXuj5W http://q-see.com https://app.any.run/tasks/8d940094-d58f-44a8-bec2-519fddeadc83 https://twitter.com/cyb3rops/status/1018975856616722437 https://twitter.com/cyb3rops/status/1018605122186829824 https://t.co/8DXkwjo0OZ https://www.splunk.com/blog/2018/05/10/boss-of-the-soc-scoring-server-questions-and-answers-and-dataset-open-sourced-and-ready-for-download.html https://twitter.com/cyb3rops/status/1018533041675931649 https://twitter.com/cyb3rops/status/1018178564057980929 https://twitter.com/cyb3rops/status/1018139048941105152 https://t.co/uMXjPClSHN https://t.co/htTpssBroC https://t.co/YyjAXBUh8n https://github.com/Neo23x0/signature-base/blob/master/yara/apt_bigbang.yar https://docs.google.com/spreadsheets/d/1KEleCkzOtYML5RbW2Vtb22VHtjr0aQeigNCHwJS5W5U/edit?usp=sharing https://research.checkpoint.com/apt-attack-middle-east-big-bang/ https://twitter.com/cyb3rops/status/1018127030179782657 https://twitter.com/cyb3rops/status/1017545840930574336 https://t.co/EeaO95fFxj https://github.com/Neo23x0/sigma https://twitter.com/cyb3rops/status/1017536317713010689 https://t.co/hOK4M01tjV https://youtu.be/P-XrTsLarzI https://twitter.com/cyb3rops/status/1017534966803124225 https://twitter.com/cyb3rops/status/1017533533227814912 https://t.co/3gsvkZjrJO https://github.com/Neo23x0/sigma/blob/master/rules/proxy/proxy_ua_apt.yml https://twitter.com/cyb3rops/status/1017398291133353985 https://t.co/QzYghHWlHR https://malware-research.org/carbanak-source-code-leaked/ https://twitter.com/cyb3rops/status/1016531267138048001 
https://t.co/JbTMuaIOPj https://t.co/dqSuaNIFQs https://www.fireeye.com/content/dam/fireeye-www/blog/pdfs/dosfuscation-report.pdf https://app.any.run/tasks/69183f75-c075-491a-94f4-ec53fb74a013 https://twitter.com/cyb3rops/status/1016375579535437825 https://t.co/YyjAXBUh8n https://research.checkpoint.com/apt-attack-middle-east-big-bang/ https://twitter.com/cyb3rops/status/1016127895843082241 https://t.co/lSVf5m56fk https://t.co/Gm6g7Ezngs https://www.virustotal.com/en/file/ce23d0f8a219cb55e80d1d712f729b374f17c0d852ec661e058ccd72d3b3e9e2/analysis/ https://www.virustotal.com/en/search/?query=caret https://twitter.com/cyb3rops/status/1016114448929624064 https://t.co/1nXvaBGa9y https://www.virustotal.com/en/file/fdec3a64d785220d5dcc9caabff8da400a8e4f7072feaa8ef4ebb18ebfc44d9a/analysis/ https://twitter.com/cyb3rops/status/1015744510939181056 https://twitter.com/cyb3rops/status/1015742005085958147 https://t.co/VVqnGnteb3 https://t.co/IbNyaQPi6p https://github.com/Neo23x0/Loki https://www.heise.de/ct/ausgabe/2018-15-Systemeinbrueche-aufdecken-mit-LOKI-4094774.html https://twitter.com/cyb3rops/status/1015657383757041666 https://twitter.com/cyb3rops/status/1015655385129242626 https://twitter.com/cyb3rops/status/1015653545989890050 https://twitter.com/cyb3rops/status/1015652424512626689 https://twitter.com/cyb3rops/status/1015650594638450688 https://twitter.com/cyb3rops/status/1015649676471754754 https://twitter.com/cyb3rops/status/1015646880200523781 https://twitter.com/cyb3rops/status/1015643998638297088 https://twitter.com/cyb3rops/status/1015642717429387264 https://twitter.com/cyb3rops/status/1015641113812709376 https://twitter.com/cyb3rops/status/1015637536629248002 https://t.co/quCvBBSUp8 https://pylos.co/2018/07/06/the-impermanence-of-things-and-attribution/ https://twitter.com/cyb3rops/status/1015572082074312705 https://twitter.com/cyb3rops/status/1015570702911537152 https://twitter.com/cyb3rops/status/1015273929823408136 
https://twitter.com/cyb3rops/status/1015259403845500928 https://t.co/5bLUvOvCbG https://codewhitesec.blogspot.com/2018/07/lethalhta.html https://twitter.com/cyb3rops/status/1015256561097297922 https://twitter.com/cyb3rops/status/1015219975076925440 https://twitter.com/cyb3rops/status/1015219549766127617 https://t.co/VxSobhW6EJ https://medium.com/@olafhartong/sysmon-8-0-a-leap-forward-in-event-annotation-59a36555d856 https://twitter.com/cyb3rops/status/1015217370556764161 https://twitter.com/cyb3rops/status/1014201939679203328 https://t.co/LwAcgCRURT https://gist.github.com/Neo23x0/fd9af35c5061578025d00838c215dfe4 https://twitter.com/cyb3rops/status/1013439236975071232 https://t.co/LUowplFxPN https://twitter.com/ClearskySec/status/1013425897842597889 https://twitter.com/cyb3rops/status/1012747346566893569 https://t.co/5TwPv8K8D9 https://www.gdatasoftware.com/blog/2018/06/30862-fileless-malware-rozena https://twitter.com/cyb3rops/status/1012714382500024320 https://t.co/8aItEOHKCd https://t.co/n8NhEeRs9X https://www.nextron-systems.com/spark-core/ https://twitter.com/thor_scanner/status/1012620327132848128 https://twitter.com/cyb3rops/status/1012288494906101762 https://twitter.com/cyb3rops/status/1011948231754907648 https://twitter.com/cyb3rops/status/1011712302272450560 https://t.co/MEbV3EgX2F https://www.penguinrandomhouse.com/books/173930/cuckoos-egg-by-clifford-stoll/9780307819420/ https://twitter.com/cyb3rops/status/1011700333712683010 https://twitter.com/cyb3rops/status/1011696429889449984 https://t.co/nN34W9WeUB https://www.recordedfuture.com/redalpha-cyber-campaigns/ https://twitter.com/cyb3rops/status/1011644622261686273 https://twitter.com/cyb3rops/status/1011630403516620802 https://t.co/prEGxXIV8l https://docs.google.com/spreadsheets/d/1H9_xaxQHpWaa4O_Son4Gx0YOIzlcBWMsdvePFX68EKU/edit https://twitter.com/cyb3rops/status/1011629027600281601 https://t.co/uqbHDJR8iO 
https://researchcenter.paloaltonetworks.com/2018/06/unit42-rancor-targeted-attacks-south-east-asia-using-plaintee-ddkong-malware-families/ https://twitter.com/cyb3rops/status/1011290975975673856 https://t.co/OtZBT8vJKI https://t.co/RiEHPKThIn https://t.co/i6Bu3iGQsF https://t.co/EeaO95fFxj https://github.com/Neo23x0/exotron https://github.com/Neo23x0/evt2sigma https://github.com/P4T12ICK/ypsilon https://github.com/Neo23x0/sigma https://twitter.com/cyb3rops/status/1011272558975569921 https://t.co/QAHwd7jogK https://t.co/lRmvRN2NsX https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_susp_powershell_rundll32.yml https://www.fireeye.com/blog/threat-research/2018/06/bring-your-own-land-novel-red-teaming-technique.html https://twitter.com/cyb3rops/status/1010898465751044097 https://t.co/JLP60MOj54 https://t.co/JL3hMr4eEh https://www.amazon.com/dp/1416507787/ https://www.youtube.com/watch?v=ddAtMMDeeq8 https://twitter.com/cyb3rops/status/1010640087892230144 https://twitter.com/cyb3rops/status/1010492173400330240 https://twitter.com/cyb3rops/status/1010483424035995648 https://t.co/OtZBT8vJKI https://github.com/Neo23x0/exotron https://twitter.com/cyb3rops/status/1010131395769925633 https://t.co/kx2nVzXnut https://t.co/yJSLQ4SXg7 https://t.co/x9mnE3mkdX https://github.com/Neo23x0/signature-base/blob/master/yara/apt_thrip.yar https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_susp_sysprep_appdata.yml https://www.symantec.com/blogs/threat-intelligence/thrip-hits-satellite-telecoms-defense-targets https://twitter.com/cyb3rops/status/1010125034965389312 https://t.co/hIJPVi5ntX https://github.com/Neo23x0/sigma/commit/31727b3b258d78eb5ec6cc14aa3df63bad2ce77a https://twitter.com/cyb3rops/status/1009809480538841088 https://t.co/x9mnE3mkdX https://www.symantec.com/blogs/threat-intelligence/thrip-hits-satellite-telecoms-defense-targets https://twitter.com/cyb3rops/status/1008688356795043840 https://t.co/8ZVEiByI5q https://www.roe.ch/xnumon 
https://twitter.com/cyb3rops/status/1008600484930781184 https://twitter.com/cyb3rops/status/1008340066991853568 https://twitter.com/cyb3rops/status/1008333661429780480 https://twitter.com/cyb3rops/status/1008325483581394944 https://twitter.com/cyb3rops/status/1008251575419260928 https://twitter.com/cyb3rops/status/1008089255044960256 https://twitter.com/cyb3rops/status/1008018331629162496 https://t.co/lg86dbbek1 https://www.nextron-systems.com/2018/06/16/yara-rule-creation-crackme/ https://twitter.com/cyb3rops/status/1007725496594063361 https://twitter.com/cyb3rops/status/1007291810731974663 https://t.co/BkIpuDD5ru https://github.com/Neo23x0/space-id https://twitter.com/cyb3rops/status/1007243153970167808 https://twitter.com/cyb3rops/status/1007166284432330754 https://twitter.com/cyb3rops/status/1007160921029009408 https://twitter.com/cyb3rops/status/1007150576008822785 https://t.co/NyeQKf6OkO https://twitter.com/thor_scanner/status/1007147525369933824 https://twitter.com/cyb3rops/status/1006581851455197184 https://t.co/hgtTeA97km https://t.co/bqOrIlKDON https://t.co/pdGCJE7rhU https://app.any.run/tasks/831d0289-2111-499d-9b36-bb845f8a6da3 https://app.any.run/tasks/7268cb19-d556-4af2-b668-5eaa660b6fa4 https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/june/cve-2017-8750-rtf-and-the-sisfader-rat/ https://twitter.com/cyb3rops/status/1006463231760756736 https://t.co/Tt0d1Htmpd https://blog.jpcert.or.jp/2018/06/plead-downloader-used-by-blacktech.html https://twitter.com/cyb3rops/status/1005799847327395840 https://twitter.com/cyb3rops/status/1005739848232206336 https://t.co/7MkjG585PH https://www.nextron-systems.com/2018/06/10/software-problem-solving-cheat-sheet/ https://twitter.com/cyb3rops/status/1005549365975486466 https://t.co/OgJptf1nSr http://www.scmp.com/news/china/diplomacy-defence/article/2149998/china-twice-hacked-us-navy-contractor-and-stole-data https://twitter.com/cyb3rops/status/1005015041865928704 https://t.co/ZQsm3BCWYK 
https://github.com/Neo23x0/sigma/commits/master https://twitter.com/cyb3rops/status/1004463490390724608 https://t.co/3gsvkZjrJO https://t.co/UBeuq2mJVl https://github.com/Neo23x0/sigma/blob/master/rules/proxy/proxy_ua_apt.yml https://researchcenter.paloaltonetworks.com/2018/06/unit42-sofacy-groups-parallel-attacks/ https://twitter.com/cyb3rops/status/1004461071955124224 https://t.co/UBeuq2mJVl https://researchcenter.paloaltonetworks.com/2018/06/unit42-sofacy-groups-parallel-attacks/ https://twitter.com/cyb3rops/status/1004136703978889216 https://t.co/DJSwZmuOjV https://github.com/austin-taylor/VulnWhisperer/blob/master/README.md https://twitter.com/cyb3rops/status/1003913382163107840 https://t.co/x8OgOqd4m2 https://twitter.com/andriinb/status/1002139423633494016?s=21 https://twitter.com/cyb3rops/status/1003614424383545344 https://t.co/JXl3TVpSDN https://www.cert.pl/en/news/single/ostap-malware-analysis-backswap-dropper/ https://twitter.com/cyb3rops/status/1003276006571102209 https://t.co/ddVESODYzg https://t.co/AmoyoKPivc https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_dcsync.yml https://twitter.com/gentilkiwi/status/1003236624925413376 https://twitter.com/cyb3rops/status/1003273300162875392 https://t.co/6Nd5yvAkwm https://medium.com/@cyb3rops/the-spirit-that-drives-cyber-security-30c219a0705c https://twitter.com/cyb3rops/status/1003070681045708800 https://t.co/wwbvdlOtqc https://twitter.com/0xrawsec/status/1002478725605273600 https://twitter.com/cyb3rops/status/1003066895946473472 https://t.co/SSsnGph2zV https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_ads_executable.yml https://twitter.com/cyb3rops/status/1002846646978347009 https://twitter.com/cyb3rops/status/1002471969328128000 https://t.co/b3YXmS8GEN https://www.coalfire.com/The-Coalfire-Blog/May-2018/PowerShell-In-Memory-Injection-Using-CertUtil-exe https://twitter.com/cyb3rops/status/1002471385560702976 https://twitter.com/cyb3rops/status/1002104937550139392 
https://twitter.com/cyb3rops/status/1001869383000576001 https://t.co/QbS4f8voRh https://twitter.com/tlansec/status/1001868060951760896 https://twitter.com/cyb3rops/status/1001848019480973321 https://t.co/i6Bu3iGQsF https://github.com/P4T12ICK/ypsilon https://twitter.com/cyb3rops/status/1001785860000493568 https://t.co/DfxGmrC2OE https://t.co/Exmm3k2I5T https://github.com/Neo23x0/sigma#supported-targets https://github.com/Neo23x0/sigma/blob/master/tools/sigma/backends.py#L805 https://twitter.com/cyb3rops/status/1001525459283333121 https://t.co/kXBYMLe2Jy https://www.us-cert.gov/ncas/alerts/TA18-149A https://twitter.com/cyb3rops/status/1000358509811257344 https://twitter.com/cyb3rops/status/1000354647608045568 https://t.co/RiEHPKThIn https://github.com/Neo23x0/evt2sigma https://twitter.com/cyb3rops/status/999983425095323648 https://twitter.com/cyb3rops/status/999776193888047105 https://twitter.com/cyb3rops/status/999773807098388481 https://t.co/9eBSRdD7Kf https://t.co/3B74Gl7khJ https://docs.google.com/spreadsheets/d/e/2PACX-1vTheajUWzRhTK0XhSI3_RnYVtUJvl8mlX8HlThPyCJGK1g5SBecgS78O1oeTFQxDYS0oWlKTg2pNLyb/pubhtml https://twitter.com/CyberAuthority/status/999772134464544776 https://twitter.com/cyb3rops/status/999689401235099649 https://t.co/d6Q7x1Nnvu https://gist.github.com/Neo23x0/e3d4e316d7441d9143c7#magic-header-definitions https://twitter.com/cyb3rops/status/999682817322864640 https://t.co/NNrUctCHwZ https://twitter.com/ItsReallyNick/status/999680144062152705 https://twitter.com/cyb3rops/status/999657164359782400 https://t.co/vuYFGu3Q3e https://t.co/gw9jObhiPF https://t.co/U2dUnTWswG https://github.com/Neo23x0/signature-base/blob/master/yara/apt_vpnfilter.yar https://github.com/Neo23x0/sigma/blob/master/rules/proxy/proxy_ua_apt.yml#L33 https://gist.github.com/Neo23x0/00bc2b883c530f7a12b055549e9076ff https://twitter.com/cyb3rops/status/999627350433247232 https://twitter.com/cyb3rops/status/999577043548495873 https://t.co/657q7O1Xi5 
https://www.fireeye.com/blog/threat-research/2013/10/openioc-basics.html https://twitter.com/cyb3rops/status/999553011180548096 https://twitter.com/cyb3rops/status/999412633815207936 https://twitter.com/cyb3rops/status/999343140908740618 https://twitter.com/cyb3rops/status/999340956750098432 https://t.co/rmSvBgeKVz https://keybase.io/blog/2015-07-15/keybase-raises-series-a https://twitter.com/cyb3rops/status/999340322537668608 https://twitter.com/cyb3rops/status/999336787314204673 https://twitter.com/cyb3rops/status/999310280407633922 https://t.co/khJJ6VVRGD https://keybase.io/ https://twitter.com/cyb3rops/status/999287632239656960 https://t.co/uGyzTELOsD https://intrusiontruth.wordpress.com/2018/05/22/the-destruction-of-apt3/ https://twitter.com/cyb3rops/status/999180902243733504 https://t.co/G0eXFby5B8 https://www.theguardian.com/technology/2018/apr/18/facebook-facial-recognition-gdpr-targeted-advertising https://twitter.com/cyb3rops/status/999179001343209472 https://twitter.com/cyb3rops/status/999158242143031297 https://twitter.com/cyb3rops/status/998957838310535168 https://t.co/AbkHIIAup5 https://www.lac.co.jp/lacwatch/people/20180521_001638.html https://twitter.com/cyb3rops/status/998956795535249408 https://t.co/e0dp2ru4Jo https://motherboard.vice.com/en_us/article/wjbda5/kaspersky-sas-conference-russia-spying https://twitter.com/cyb3rops/status/998842499966947329 https://t.co/mEy2jXSm7b https://www.crowdstrike.com/blog/an-in-depth-analysis-of-samsam-ransomware-and-boss-spider/ https://twitter.com/cyb3rops/status/998841684644515840 https://t.co/ryadzFnmbQ https://www.us-cert.gov/ncas/alerts/TA18-141A https://twitter.com/cyb3rops/status/997601309875408897 https://t.co/oslL7StiTy https://github.com/Neo23x0/sigma/blob/master/README.md https://twitter.com/cyb3rops/status/997574214818385922 https://twitter.com/cyb3rops/status/997493088229691393 https://t.co/De7Sll6djZ https://t.co/yC6xDhs1px http://backends.py https://github.com/Neo23x0/sigma/pull/86/files 
https://twitter.com/cyb3rops/status/997471545860771840 https://twitter.com/cyb3rops/status/997421381531947008 https://t.co/s6lPF5J2DQ https://t.co/SROJBb65Ra https://fooolix.blogspot.de/2018/02/chasing-x25519.html https://blog.g3rt.nl/upgrade-your-ssh-keys.html https://twitter.com/cyb3rops/status/997375582571761664 https://twitter.com/cyb3rops/status/997353783075237888 https://twitter.com/cyb3rops/status/997350908676706304 https://t.co/huvP2qJqok https://youtu.be/xdnwR_T-qx0 https://twitter.com/cyb3rops/status/997346927699288065 https://t.co/pagulmxyIB https://eugdprcompliant.com/personal-data/ https://twitter.com/cyb3rops/status/997101980274307072 https://t.co/ORouRdZKQE https://t.co/yggvpAy9ce https://cse.google.com/cse/publicurl?cx=003248445720253387346:turlh5vi4xc https://gist.github.com/Neo23x0/c4f40629342769ad0a8f3980942e21d3 https://twitter.com/cyb3rops/status/996649097292546053 https://twitter.com/cyb3rops/status/996342659185872901 https://t.co/8szgost3jP https://docs.google.com/spreadsheets/d/1H9_xaxQHpWaa4O_Son4Gx0YOIzlcBWMsdvePFX68EKU https://twitter.com/cyb3rops/status/996048114896302080 https://t.co/bwKsREPijp https://t.co/t0xfKKGRZR https://www.virustotal.com/en/file/36b682b0b3c0555f4970da96e5ba0ed7ae8f505fa8bc34489ff1c721c8711ea7/analysis/ https://app.any.run/tasks/8b42277f-ac29-4655-acf7-8ffc03d0c70d https://twitter.com/cyb3rops/status/995978635566862336 https://twitter.com/cyb3rops/status/995971653871001602 https://t.co/fHIkC4HQcc https://twitter.com/drwetter/status/995962136034717697 https://twitter.com/cyb3rops/status/995930350865080320 https://t.co/psY5G3Ss7D https://twitter.com/ortegaalfredo/status/995912662130229248 https://twitter.com/cyb3rops/status/995928773764755456 https://t.co/xo62tDed6Z https://moxie.org/blog/gpg-and-me/ https://twitter.com/cyb3rops/status/995921822335029248 https://t.co/p4IwoM1Q5o https://t.co/501469AggD https://medium.com/@cryps1s/darksurgeon-a-windows-10-packer-project-for-defenders-1a57759856b6 
https://github.com/cryps1s/DARKSURGEON https://twitter.com/cyb3rops/status/995749481156173826 https://t.co/ay1SkmsBT6 https://pastebin.com/EHf09Gxr https://twitter.com/cyb3rops/status/995394318654431234 https://t.co/xgrIUhLioP https://www.flashpoint-intel.com/blog/treasurehunter-source-code-leaked/ https://twitter.com/cyb3rops/status/995388882526011392 https://twitter.com/cyb3rops/status/995348105842356227 https://t.co/usXxbaU0Mc https://www.nytimes.com/2018/05/11/technology/iranian-hackers-united-states.html https://twitter.com/cyb3rops/status/995241706718158848 https://t.co/RDUW8uU6qp https://www.nextron-systems.com/2018/05/12/new-antivirus-event-analysis-cheat-sheet-version-1-2/ https://twitter.com/cyb3rops/status/995193727479054336 https://t.co/5F54JUh3z9 https://t.co/3b6vuXS0dh https://t.co/De7Sll6djZ https://t.co/c2ukpvQG7M https://github.com/Neo23x0/sigma/issues/79 https://github.com/Neo23x0/sigma/issues/83 http://backends.py https://github.com/Neo23x0/sigma/blob/master/tools/sigma/backends.py https://twitter.com/cyb3rops/status/995188154595495936 https://t.co/e5kGSEoTXW https://github.com/Neo23x0/sigma/tree/master/rules/windows/builtin https://twitter.com/cyb3rops/status/995051484873183232 https://t.co/Id0o0M4D6u https://ghostbin.com/paste/agryy https://twitter.com/cyb3rops/status/994970024472432640 https://twitter.com/cyb3rops/status/994942003006894080 https://t.co/OxKueHr1t2 https://gchq.github.io/CyberChef/ https://twitter.com/cyb3rops/status/994877772895080450 https://t.co/Q1Mgx5wkWw https://www.paloaltonetworks.com/resources/whitepapers/unit42-silverterrier-rise-of-nigerian-business-email-compromise.html https://twitter.com/cyb3rops/status/994824386107539456 https://twitter.com/cyb3rops/status/994554977279512576 https://t.co/Hbt6CjoOQm https://www.exonar.com/gdpr-jokes/ https://twitter.com/cyb3rops/status/994550548195135489 https://t.co/1vnZPkUUxA https://github.com/Neo23x0/sigma/blob/master/rules/network/net_mal_dns_cobaltstrike.yml 
https://twitter.com/cyb3rops/status/994534209631944704 https://t.co/iqT3et0rSa https://www.slideshare.net/real_slacker007/finding-evil-in-dns-traffic https://twitter.com/cyb3rops/status/994530037792681984 https://t.co/PJ6tUO99cg https://ti.360.net/blog/articles/analysis-of-apt-c-09-target-china/ https://twitter.com/cyb3rops/status/994322992283963393 https://t.co/S9xmIE5nAb https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/may/tool-release-yaml2yara/ https://twitter.com/cyb3rops/status/994222244858683392 https://t.co/3b6vuXS0dh https://github.com/Neo23x0/sigma/issues/83 https://twitter.com/cyb3rops/status/994098454833090560 https://twitter.com/cyb3rops/status/993437672248168448 https://twitter.com/cyb3rops/status/993430361756590080 https://twitter.com/cyb3rops/status/993410831055454212 https://twitter.com/cyb3rops/status/992735124168101888 https://t.co/JadsE6En8O https://magic-wormhole.readthedocs.io/en/latest/welcome.html https://twitter.com/cyb3rops/status/992708888641376262 https://twitter.com/cyb3rops/status/992647062205366272 https://t.co/ujuK1do3Hs https://gdpr-shield.io/ https://twitter.com/cyb3rops/status/992496851122294784 https://twitter.com/cyb3rops/status/992462616562987008 https://t.co/64JfweuW88 https://securelist.com/whos-who-in-the-zoo/85394/ https://twitter.com/cyb3rops/status/992430239107239943 https://twitter.com/cyb3rops/status/992419389134770178 https://t.co/oslL7StiTy https://t.co/pPRaLoGmYt https://github.com/Neo23x0/sigma/blob/master/README.md https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_office_shell.yml https://twitter.com/cyb3rops/status/992376050800824320 https://twitter.com/cyb3rops/status/992319030198456320 https://twitter.com/cyb3rops/status/992315782582427648 https://twitter.com/cyb3rops/status/992302392241635330 https://twitter.com/cyb3rops/status/992175826807508995 https://t.co/Boa9DwdkWS https://github.com/Neo23x0/sigma/ https://twitter.com/cyb3rops/status/992046303524814848 
https://t.co/CQvXfcBMqp https://t.co/e54KKyIPng https://github.com/Neo23x0/signature-base/blob/master/yara/gen_bad_pdf.yar https://github.com/deepzec/Bad-Pdf https://twitter.com/cyb3rops/status/991948792982331392 https://t.co/S4mcnjqHzM https://twitter.com/dim0x69/status/991941119247347712 https://twitter.com/cyb3rops/status/991065523273248775 https://twitter.com/cyb3rops/status/991039235514884096 https://t.co/kHWyGsCf52 http://blog.redactedsec.net/exploits/2018/04/26/nagios.html https://twitter.com/cyb3rops/status/990304073986527237 https://twitter.com/cyb3rops/status/990232973126578176 https://t.co/0axlF8LD64 https://www.virustotal.com/en/file/0826a7bc50737cb0b477edb7a3fceb3944bf46d74b2137d1aaf5a04328505240/analysis/ https://twitter.com/cyb3rops/status/989932241898889217 https://t.co/1IXOgArlKd https://krebsonsecurity.com/2018/04/security-trade-offs-in-the-new-eu-privacy-law/ https://twitter.com/cyb3rops/status/989910312387338240 https://t.co/ZELTUlnV5p https://www.fireeye.com/blog/threat-research/2018/04/establishing-a-baseline-for-remote-desktop-protocol.html https://twitter.com/cyb3rops/status/989909495647277057 https://t.co/IydxiwH84k https://www.zscaler.com/blogs/research/cve-2017-8570-and-cve-2018-0802-exploits-being-used-spread-lokibot https://twitter.com/cyb3rops/status/989867941457022978 https://twitter.com/cyb3rops/status/989838782814998528 https://twitter.com/cyb3rops/status/989539695343304704 https://t.co/tXEjkvNs03 https://securingtomorrow.mcafee.com/mcafee-labs/analyzing-operation-ghostsecret-attack-seeks-to-steal-data-worldwide/ https://twitter.com/cyb3rops/status/989537750725558273 https://t.co/BjsDFjPHKc https://www.crowdstrike.com/blog/hidden-administrative-accounts-bloodhound-to-the-rescue/ https://twitter.com/cyb3rops/status/989530813921415174 https://t.co/quWagtyWNW http://blog.talosintelligence.com/2018/04/gravityrat-two-year-evolution-of-apt.html https://twitter.com/cyb3rops/status/989488379132825600 https://t.co/EvIQCLcFSx 
https://twitter.com/adulau/status/989387481547268096 https://twitter.com/cyb3rops/status/989432690205233152 https://twitter.com/cyb3rops/status/989424400897314816 https://t.co/fYqUZtaLwP https://twitter.com/danielhbohannon/status/989410342919958528 https://twitter.com/cyb3rops/status/989209306649255937 https://t.co/VAxaJ3G3C1 https://molo.ch/ https://twitter.com/cyb3rops/status/989107961351065600 https://t.co/a8oweu1DvG https://github.com/Neo23x0/munin/releases/tag/0.6.0 https://twitter.com/cyb3rops/status/988893255629721600 https://t.co/eTfHiph5O8 https://www.welivesecurity.com/2018/04/24/sednit-update-analysis-zebrocy/ https://twitter.com/cyb3rops/status/988439348101222400 https://twitter.com/cyb3rops/status/988437844371955712 https://t.co/OopSDG2HPJ https://t.co/JA8XPtRlcN https://t.co/Qqg0sfmJEO https://www.nextron-systems.com/yara-rule-feed/ https://github.com/Yara-Rules/rules https://github.com/Neo23x0/signature-base https://twitter.com/cyb3rops/status/988420092554895360 https://t.co/e2GEEUwLdL http://www.scmp.com/news/china/diplomacy-defence/article/2142863/china-hackers-accused-attacking-japanese-defence-firms https://twitter.com/cyb3rops/status/988376144234852353 https://t.co/LPx0TuKbIt https://github.com/Neo23x0/Fenrir/releases/tag/v0.5-eb https://twitter.com/cyb3rops/status/988367063197548545 https://t.co/CKMU1hzYUn https://securelist.com/energetic-bear-crouching-yeti/85345/ https://twitter.com/cyb3rops/status/988020893296275456 https://twitter.com/cyb3rops/status/988012667695755264 https://twitter.com/cyb3rops/status/987780114623729664 https://t.co/krIGgLrhZw https://twitter.com/gerritzc/status/974398783038607362 https://twitter.com/cyb3rops/status/987778304697659392 https://twitter.com/cyb3rops/status/987698263825534979 https://twitter.com/cyb3rops/status/987399967190011904 https://twitter.com/cyb3rops/status/987379240906776576 https://t.co/hOK4M01tjV https://youtu.be/P-XrTsLarzI https://twitter.com/cyb3rops/status/987359986228649984 
https://t.co/FjmG43yVDm https://github.com/Neo23x0/munin https://twitter.com/cyb3rops/status/987351242354712576 https://twitter.com/cyb3rops/status/986878955465658368 https://twitter.com/cyb3rops/status/986641561873276933 https://twitter.com/cyb3rops/status/986620976862515203 https://twitter.com/cyb3rops/status/986619704688160770 https://t.co/w6VgtNljyX https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_bypass_squiblytwo.yml https://twitter.com/cyb3rops/status/986583170731659265 https://t.co/gPaPxEo5XW https://t.co/VnL7lYI4hq https://t.co/zKz6FRMJDU https://github.com/Neo23x0/yarGen https://twitter.com/DissectMalware/status/986331842390446080 https://app.any.run/tasks/3d61e2e5-d26f-4d1e-b43f-439585b81637 https://twitter.com/cyb3rops/status/986517342288007168 https://t.co/GbsPL9ekhx https://www.youtube.com/watch?v=n-LLgFUdRRU&feature=youtu.be https://twitter.com/cyb3rops/status/986225657305817090 https://t.co/PomknddPIm https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/april/decoding-network-data-from-a-gh0st-rat-variant/ https://twitter.com/cyb3rops/status/986205326637707264 https://twitter.com/cyb3rops/status/985952053985009664 https://twitter.com/cyb3rops/status/985773349157601280 https://t.co/6RR0t3LFOG https://twitter.com/DissectMalware/status/984992063514128384 https://twitter.com/cyb3rops/status/985152721828352000 https://twitter.com/cyb3rops/status/984932744324149248 https://t.co/1gApMEeLOW https://t.co/tzTy0AK6kz https://github.com/Neo23x0/Loki/releases/tag/v0.27.4 https://hshrzd.wordpress.com/pe-sieve/ https://twitter.com/cyb3rops/status/984918713777475584 https://t.co/jbHIY7cnnp https://asert.arbornetworks.com/innaput-actors-utilize-remote-access-trojan-since-2016-presumably-targeting-victim-files/ https://twitter.com/cyb3rops/status/984918212574838790 https://t.co/lEKbTgXJ5x https://blog.talosintelligence.com/2018/04/malware-monitor-pyrebox-for-analysis.html https://twitter.com/cyb3rops/status/984837837957812225 
https://twitter.com/cyb3rops/status/984757209048510465 https://t.co/PNc7PFbavg https://github.com/NextronSystems/APTSimulator https://twitter.com/cyb3rops/status/984754572940935168 https://twitter.com/cyb3rops/status/984702887912792064 https://t.co/4RGZ9352lN https://www.cyberbit.com/blog/endpoint-security/new-early-bird-code-injection-technique-discovered/ https://twitter.com/cyb3rops/status/984556952717053959 https://twitter.com/cyb3rops/status/984135437668274176 https://t.co/I3a1w66cgM https://t.co/bYWN83uxZW https://twitter.com/Oddvarmoe/status/983703245469208576 https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_win_reg_persistence.yaml https://twitter.com/cyb3rops/status/983356223805419520 https://t.co/WPJdGJc1KH https://docs.google.com/spreadsheets/d/1H9_xaxQHpWaa4O_Son4Gx0YOIzlcBWMsdvePFX68EKU/edit?usp=sharing https://twitter.com/cyb3rops/status/983334364904902656 https://t.co/X9TebekeHL https://github.com/NextronSystems/APTSimulator/releases/tag/v0.8.0 https://twitter.com/cyb3rops/status/983290749671428098 https://t.co/V0sFNzgjTp http://ip-178-202-85-20.unitymediagroup.de https://twitter.com/cyb3rops/status/983281933403803648 https://t.co/tYdDriQTFR https://www.redteam-pentesting.de/de/advisories/rt-sa-2017-014/-cyberark-password-vault-web-access-remote-code-execution https://twitter.com/cyb3rops/status/983278329087320064 https://twitter.com/cyb3rops/status/983262582751539200 https://twitter.com/cyb3rops/status/983258858205442048 https://t.co/pagulmxyIB https://eugdprcompliant.com/personal-data/ https://twitter.com/cyb3rops/status/983258072641691648 https://t.co/pagulmxyIB https://eugdprcompliant.com/personal-data/ https://twitter.com/cyb3rops/status/983254799796842496 https://t.co/F7jvFyzExn https://t.co/HsGnMGL6sx https://github.com/MISP/misp-compliance/blob/master/GDPR/information_sharing_and_cooperation_gdpr.md https://www.whitecase.com/publications/alert/court-confirms-ip-addresses-are-personal-data-some-cases 
https://twitter.com/cyb3rops/status/983251369749569537 https://t.co/df42vAihmb https://twitter.com/briankrebs/status/981982464460673025 https://twitter.com/cyb3rops/status/982341589916946432 https://t.co/pZOFauUoc8 https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2 https://twitter.com/cyb3rops/status/982336802035044353 https://t.co/wrgCzt8x3i https://mgreen27.github.io/posts/2018/04/02/DownloadCradle.html https://twitter.com/cyb3rops/status/982196664650772480 https://twitter.com/cyb3rops/status/982195922892288003 https://twitter.com/cyb3rops/status/982195541332209665 https://t.co/f8D69gLinZ https://www.fireeye.com/current-threats/annual-threat-report/mtrends.html https://twitter.com/cyb3rops/status/982037264913043457 https://t.co/bgMmPbOwGW https://t.co/qLxjcVrajr https://www.ncsc.gov.uk/alerts/hostile-state-actors-compromising-uk-organisations-focus-engineering-and-industrial-control https://www.ncsc.gov.uk/content/files/protected_files/article_files/NCSC%20advisory%20-%20CNI%20Supply%20Chain.pdf https://twitter.com/cyb3rops/status/981998556084097026 https://twitter.com/cyb3rops/status/981934516846678016 https://twitter.com/cyb3rops/status/981068299697049600 https://t.co/5DTuTMxvJn https://medium.com/@nykolas.z/dns-resolvers-performance-compared-cloudflare-x-google-x-quad9-x-opendns-149e803734e5 https://twitter.com/cyb3rops/status/980008608313331712 https://t.co/Moxq5FjHiD http://blog.frizk.net/2018/03/total-meltdown.html https://twitter.com/cyb3rops/status/979248926187556864 https://t.co/LhSdhNK37D http://global.ahnlab.com/global/upload/download/techreport/Tech_Report_Malicious_Hancom.pdf https://twitter.com/cyb3rops/status/978722781448867840 https://t.co/Sbf88hsZoj https://www.trustwave.com/Resources/SpiderLabs-Blog/Crypter-as-a-Service-Helps-jRAT-Fly-Under-The-Radar/ https://twitter.com/cyb3rops/status/977860031847849984 https://twitter.com/cyb3rops/status/977854172988084224 https://t.co/xPSqtwc7M2 
https://medium.com/@cyb3rops/the-newcomers-guide-to-cyber-threat-actor-naming-7428e18ee263 https://twitter.com/cyb3rops/status/977248424000217089 https://t.co/vgbR7VeEjl http://www.sekoia.fr/blog/falling-on-muddywater/ https://twitter.com/cyb3rops/status/977241438437158912 https://t.co/rwliPaikfj https://www.thedailybeast.com/exclusive-lone-dnc-hacker-guccifer-20-slipped-up-and-revealed-he-was-a-russian-intelligence-officer https://twitter.com/cyb3rops/status/977223564876304384 https://twitter.com/cyb3rops/status/977213724472807426 https://t.co/ocCia46ovO https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_susp_ping_hex_ip.yml https://twitter.com/cyb3rops/status/977209152920543234 https://twitter.com/cyb3rops/status/977187602569859075 https://t.co/bn9zUWVm5B https://github.com/swisscom/PowerGRR/wiki/Use-registry-keys-from-Sigma-rules-as-input-for-PowerGRR-registry-flows https://twitter.com/cyb3rops/status/977095121664708608 https://t.co/kj3rCB7M54 https://t.co/DTgvK0EQ2Y https://t.co/FHQ6XSglcL https://github.com/Neo23x0/signature-base/blob/master/yara/apt_oilrig_chafer_mar18.yar https://github.com/Neo23x0/sigma/blob/master/rules/apt/apt_chafer_mar18.yml https://nyotron.com/nyotron-discovers-next-generation-oilrig-attacks/ https://twitter.com/cyb3rops/status/977086782935269376 https://twitter.com/cyb3rops/status/976818135624974336 https://twitter.com/cyb3rops/status/976793093327544320 https://t.co/FHQ6XSglcL https://nyotron.com/nyotron-discovers-next-generation-oilrig-attacks/ https://twitter.com/cyb3rops/status/976789951261171712 https://t.co/1EjJgKy83m https://www.virustotal.com/en/file/9c44503969d055ce99279d3453cc5077ac1a7dba8f47da9fec5f75885d97a84e/analysis/ https://twitter.com/cyb3rops/status/976444176895238144 https://twitter.com/cyb3rops/status/976410901854203904 https://twitter.com/cyb3rops/status/976403857738747906 https://t.co/95Rn73acML https://tdm.socprime.com/sigma/ https://twitter.com/cyb3rops/status/976399715276414978 
https://t.co/EeaO95fFxj https://github.com/Neo23x0/sigma https://twitter.com/cyb3rops/status/976394622694981633 https://twitter.com/cyb3rops/status/976369345503821824 https://t.co/gZ4cXMCZjn https://theintercept.com/2018/03/20/the-nsa-worked-to-track-down-bitcoin-users-snowden-documents-reveal/ https://twitter.com/cyb3rops/status/976229811524861952 https://t.co/dbgbpOs8en https://www.cyberscoop.com/kaspersky-slingshot-isis-operation-socom-five-eyes/ https://twitter.com/cyb3rops/status/976084798333685760 https://t.co/6RrnWtx8WQ https://github.com/Northern-Lights/yara-parser https://twitter.com/cyb3rops/status/976069195124412417 https://t.co/KWarxOMtCn https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventID=4657 https://twitter.com/cyb3rops/status/976049461410586624 https://twitter.com/cyb3rops/status/976038925474107392 https://t.co/u3vmYiMrdU https://t.co/slURUzpIhR https://t.co/IjuM2k1oBG https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_net_ntlm_downgrade.yml https://www.optiv.com/blog/post-exploitation-using-netntlm-downgrade-attacks https://twitter.com/0xrawsec/status/975766347132026881 https://twitter.com/cyb3rops/status/976033867504209921 https://twitter.com/cyb3rops/status/975776218594373633 https://twitter.com/cyb3rops/status/975773440375492609 https://t.co/xLu1yVQ3tY https://pastebin.com/MDaqH2VC https://twitter.com/cyb3rops/status/975771472336769024 https://twitter.com/cyb3rops/status/975156336546734080 https://twitter.com/cyb3rops/status/975076816678539264 https://twitter.com/cyb3rops/status/975073833291075584 https://t.co/pBdjgIEejB https://t.co/W4D2wJsX1K https://t.co/0QIYEHkfSP https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_susp_tscon_localsystem.yml https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_susp_tscon_rdp_redirect.yml 
https://medium.com/@networksecurity/rdp-hijacking-how-to-hijack-rds-and-remoteapp-sessions-transparently-to-move-through-an-da2a1e73a5f6 https://twitter.com/cyb3rops/status/974967403670056960 https://t.co/5Awh8SJVpV https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_stickykey_like_backdoor.yml https://twitter.com/cyb3rops/status/974966575617990656 https://t.co/c2ukpvQG7M https://github.com/Neo23x0/sigma/blob/master/tools/sigma/backends.py https://twitter.com/cyb3rops/status/974956468347777024 https://t.co/EuNCZnEYhx https://github.com/Neo23x0/Loki/releases/tag/v0.27.0 https://twitter.com/cyb3rops/status/974782161369919489 https://twitter.com/cyb3rops/status/974780736929783808 https://twitter.com/cyb3rops/status/974778400329097218 https://twitter.com/cyb3rops/status/974775057405956097 https://t.co/YpYp1D7eqP https://github.com/Neo23x0/signature-base/commit/0cef4b1890ed2bdcad61a027b7737d14e58b8bf2 https://twitter.com/cyb3rops/status/974770300742225921 https://twitter.com/cyb3rops/status/974701822718939136 https://t.co/VptsHO3Ru8 https://www.fireeye.com/blog/threat-research/2018/03/suspected-chinese-espionage-group-targeting-maritime-and-engineering-industries.html https://twitter.com/cyb3rops/status/974699682147524609 https://t.co/EeaO95fFxj https://t.co/s9WHTo1bFy https://github.com/Neo23x0/sigma https://github.com/Neo23x0/sigma/wiki/Converter-Tool-Sigmac https://twitter.com/cyb3rops/status/974657851691098112 https://twitter.com/cyb3rops/status/974651817421361156 https://twitter.com/cyb3rops/status/974622547370299392 https://t.co/nTEDkvxqCA https://docs.google.com/spreadsheets/d/1fJhBI1VUaooNyWo8rPrgs4BWg1RVPb2e_-mVebTndYM/edit?usp=sharing https://twitter.com/cyb3rops/status/974578094261653504 https://t.co/Ou2aERFPeu https://medium.com/uber-security-privacy/uber-security-metta-open-source-a8a49613b4a https://twitter.com/cyb3rops/status/974558712353509376 https://t.co/5Awh8SJVpV 
https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_stickykey_like_backdoor.yml https://twitter.com/cyb3rops/status/974557128043081730 https://t.co/ywE2zRIY1Z https://www.symantec.com/blogs/threat-intelligence/inception-framework-hiding-behind-proxies https://twitter.com/cyb3rops/status/974322378179215360 https://twitter.com/cyb3rops/status/974314429041999873 https://t.co/2gIXPOYAJX https://www.us-cert.gov/ncas/alerts/TA18-074A https://twitter.com/cyb3rops/status/974304151005028353 https://twitter.com/cyb3rops/status/974302054041694208 https://t.co/EeaO95fFxj https://t.co/v9Nn18Hak2 https://github.com/Neo23x0/sigma https://github.com/Neo23x0/sigma/tree/master/rules/windows https://twitter.com/cyb3rops/status/974272794325372929 https://t.co/sAKDyugmo0 https://blog.preempt.com/how-we-exploited-the-authentication-in-ms-rdp https://twitter.com/cyb3rops/status/974271470640746496 https://twitter.com/cyb3rops/status/974231998330961920 https://t.co/NiEDqACAHK https://adsecurity.org/wp-content/uploads/2018/03/2018-Troopers-Metcalf-ActiveDirectorySecurityTheJourney-Final.pdf https://twitter.com/cyb3rops/status/974227789007196160 https://twitter.com/cyb3rops/status/974197605155655680 https://t.co/vU0xZZDSgC https://twitter.com/pengwinsurf/status/974047337277476864 https://twitter.com/cyb3rops/status/974045962695073798 https://t.co/Gli4w5IyWP https://arstechnica.com/gadgets/2018/03/patch-tuesday-drops-the-mandatory-antivirus-requirement-after-all/?amp=1 https://twitter.com/cyb3rops/status/973950185620557824 https://t.co/Bjg0VipgKj https://blog.trendmicro.com/trendlabs-security-intelligence/tropic-trooper-new-strategy/ https://twitter.com/cyb3rops/status/973909933237383168 https://twitter.com/cyb3rops/status/973837511335215105 https://t.co/J3GXazKaTj https://twitter.com/itsreallynick/status/973774331233804288 https://twitter.com/cyb3rops/status/973692498790027264 https://t.co/tI5LAIFFNY 
https://www.fireeye.com/blog/threat-research/2018/03/iranian-threat-group-updates-ttps-in-spear-phishing-campaign.html https://twitter.com/cyb3rops/status/973552105360445440 https://t.co/omsRFDpjtW https://www.welivesecurity.com/2018/03/13/oceanlotus-ships-new-backdoor/ https://twitter.com/cyb3rops/status/973218549186605056 https://twitter.com/cyb3rops/status/973197994802728961 https://twitter.com/cyb3rops/status/973192535618277376 https://t.co/Qqg0sfmJEO https://github.com/Neo23x0/signature-base https://twitter.com/cyb3rops/status/973165952765452290 https://t.co/MF15vY4JEB https://github.com/Neo23x0/signature-base/blob/master/yara/apt_apt15.yar https://twitter.com/cyb3rops/status/973117647700316161 https://t.co/MF15vY4JEB https://t.co/CZA6xvuN6l https://t.co/lzlm5biA82 https://github.com/Neo23x0/signature-base/blob/master/yara/apt_apt15.yar https://docs.google.com/spreadsheets/d/1Nl4QvFC6BypPj3t-d5K_yaBLLW0rtGLU4ywn48SDbfk/edit?usp=sharing https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/march/apt15-is-alive-and-strong-an-analysis-of-royalcli-and-royaldns/ https://twitter.com/cyb3rops/status/973113753268097025 https://twitter.com/cyb3rops/status/973113011341873153 https://twitter.com/cyb3rops/status/973102055333253120 https://t.co/QkoyRzAcp9 https://www.virustotal.com/en/file/16b868d1bef6be39f69b4e976595e7bd46b6c0595cf6bc482229dbb9e64f1bce/analysis/ https://twitter.com/cyb3rops/status/972628886478643200 https://twitter.com/cyb3rops/status/972494566103318528 https://t.co/e9ZM9MArjq https://campaigns.f-secure.com/xfence/ https://twitter.com/cyb3rops/status/972491066384502784 https://twitter.com/cyb3rops/status/972487678422847488 https://t.co/lzlm5biA82 https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/march/apt15-is-alive-and-strong-an-analysis-of-royalcli-and-royaldns/ https://twitter.com/cyb3rops/status/972485653819686912 https://t.co/qpRRPuBkps https://github.com/Neo23x0/sigma/blob/master/rules/apt/apt_slingshot.yml 
https://twitter.com/cyb3rops/status/972468644063084544 https://t.co/FOfe3Sje2u https://securelist.com/olympicdestroyer-is-here-to-trick-the-industry/84295/ https://twitter.com/cyb3rops/status/972464962441445377 https://t.co/FI3layw91J https://www.bleepingcomputer.com/news/security/turkish-isp-swapped-downloads-of-popular-software-with-spyware-infected-apps/ https://twitter.com/cyb3rops/status/972446298849857536 https://twitter.com/cyb3rops/status/972438216111546368 https://t.co/CiiPAziCp9 https://securelist.com/masha-and-these-bears/84311/ https://twitter.com/cyb3rops/status/972433515240349696 https://t.co/vvkvCE9lVg https://t.co/x5ocEdrGsH https://github.com/Neo23x0/signature-base/blob/master/yara/apt_slingshot.yar https://github.com/Neo23x0/sigma/blob/master/rules/apt/apt_equationgroup_dll_u_load.yml https://twitter.com/cyb3rops/status/972412798566391808 https://twitter.com/cyb3rops/status/972186477512839170 https://twitter.com/cyb3rops/status/972149217115459584 https://twitter.com/cyb3rops/status/972126011990138882 https://t.co/hx0ULG7D6e https://twitter.com/craiu/status/972124182220767232 https://twitter.com/cyb3rops/status/972119613466136577 https://t.co/Z2dNU3RNcZ https://citizenlab.ca/2018/03/bad-traffic-sandvines-packetlogic-devices-deploy-government-spyware-turkey-syria/ https://twitter.com/cyb3rops/status/972118300451835909 https://t.co/f3fHuIOjXI https://t.co/QKPqTpQnH0 https://www.arbornetworks.com/blog/asert/donot-team-leverages-new-modular-malware-framework-south-asia/ https://github.com/Neo23x0/signature-base/blob/master/yara/apt_donotteam_ytyframework.yar https://twitter.com/cyb3rops/status/972009893107519488 https://t.co/dIJV6oHK28 https://blog.crysys.hu/2018/03/territorial-dispute-nsas-perspective-on-apt-landscape/ https://twitter.com/cyb3rops/status/971799682912587777 https://t.co/bmefkzG3tj https://github.com/Neo23x0/signature-base/blob/master/yara/gen_unicorn_obfuscated_powershell.yar https://twitter.com/cyb3rops/status/971788704602877953 
https://t.co/ezKT2lc7Bv https://t.co/wsFSCiyvri https://www.golem.de/news/bundeshack-hack-auf-bundesregierung-erfolgte-ueber-lernplattform-ilias-1803-133227.html https://www.lernplattform-bakoev.bund.de/ https://twitter.com/cyb3rops/status/971652564587511809 https://t.co/whJ2L9S3ln https://guacamole.apache.org/ https://twitter.com/cyb3rops/status/971076969600307207 https://t.co/PkhaJs6Q0I https://www2.cybereason.com/asset/60:research-cobalt-kitty-attack-lifecycle https://twitter.com/cyb3rops/status/971076038250901505 https://t.co/xnJIHO2LRe https://twitter.com/hatr/status/971022702223020032 https://twitter.com/cyb3rops/status/971057134531162113 https://t.co/2v4rbEPM4A https://t.co/rOkIitX8L3 http://Any.run https://any.run/ https://twitter.com/cyb3rops/status/970931659125219328 https://t.co/k2cDBaUzSm http://blog.jpcert.or.jp/2018/03/malware-tscooki-7aa0.html https://twitter.com/cyb3rops/status/970779003895320577 https://t.co/VMcNNluFJp https://t.co/4I6r6JOzaE https://t.co/4ztsa5hklo https://github.com/TKCERT/winnti-nmap-script https://github.com/TKCERT/winnti-suricata-lua https://github.com/TKCERT/winnti-detector https://twitter.com/cyb3rops/status/970776372422594561 https://twitter.com/cyb3rops/status/970633110961475584 https://twitter.com/cyb3rops/status/970587311065980928 https://t.co/ZAo67KxScr https://www.eideon.com/2018-03-02-THL03-WMIBackdoors/ https://twitter.com/cyb3rops/status/969955916274720769 https://t.co/FYYGQHNHk8 https://t.co/ZQQuYM5Z6M https://t.co/rSSunZLLsN https://github.com/Neo23x0/signature-base/blob/master/yara/apt_op_honeybee.yar https://securingtomorrow.mcafee.com/mcafee-labs/mcafee-uncovers-operation-honeybee-malicious-document-campaign-targeting-humanitarian-aid-groups/ https://github.com/Neo23x0/signature-base/blob/master/yara/gen_dropper_pdb.yar https://twitter.com/cyb3rops/status/969866493193326592 https://t.co/ZQQuYM5Z6M 
https://securingtomorrow.mcafee.com/mcafee-labs/mcafee-uncovers-operation-honeybee-malicious-document-campaign-targeting-humanitarian-aid-groups/ https://twitter.com/cyb3rops/status/969295600700350464 https://t.co/0IalnbWUOp https://twitter.com/timo_steffens/status/967280938639077376 https://twitter.com/cyb3rops/status/969285380402040832 https://t.co/bCiuWNwLcA https://www.virustotal.com/en/file/0fc5452889fc4ebe7a866c2e8bc6faab8e04759f03d2601f0fdff7c596354d3a/analysis/1519930429/ https://twitter.com/cyb3rops/status/969254505576632320 https://twitter.com/cyb3rops/status/969221586313273344 https://t.co/8B4OEaL8yB https://t.co/ccsmYHhu9m https://www.virustotal.com/en/file/0cab912409ccd2a5d90fb82b02376a633ec09f1dcf33480720e35e9714068c2a/analysis/1519914429/ https://www.virustotal.com/en/file/ff808d0a12676bfac88fd26f955154f8884f2bb7c534b9936510fd6296c543e8/analysis/ https://twitter.com/cyb3rops/status/969121032308215808 https://t.co/vfqfEf5jQB https://t.co/2H77kfifhK https://researchcenter.paloaltonetworks.com/2018/02/unit42-sofacy-attacks-multiple-government-entities/ https://twitter.com/ClearskySec/status/960924755355369472 https://twitter.com/cyb3rops/status/968748527525552129 https://t.co/S1C5zFxsdc https://www.symantec.com/blogs/threat-intelligence/chafer-latest-attacks-reveal-heightened-ambitions https://twitter.com/cyb3rops/status/968746029624553473 https://t.co/GBaNugu21x https://twitter.com/adschina/status/968535455674392576 https://twitter.com/cyb3rops/status/968500745648640002 https://twitter.com/cyb3rops/status/968488090577797120 https://twitter.com/cyb3rops/status/968472365482106880 https://twitter.com/cyb3rops/status/968412914498535424 https://t.co/X47KoXl5SM https://t.co/8YM6xkaqGq https://t.co/iy5MO0Q50q https://www.virustotal.com/#/file/3d96811de7419a8c090a671d001a85f2b1875243e5b38e6f927d9877d0ff9b0c/detection https://app.any.run/tasks/b245f38c-955b-47df-ae4f-a3fb7d19c45b https://github.com/Neo23x0/signature-base/blob/master/yara/apt_muddywater.yar 
https://twitter.com/cyb3rops/status/968160537321394176 https://twitter.com/cyb3rops/status/968155424313806848 https://t.co/JBZ27Fdn6x https://github.com/hosom/pythreatgrid/blob/master/pythreatgrid/threatgrid.py https://twitter.com/cyb3rops/status/968148403375964160 https://t.co/0gndNeFXsZ https://www.randhome.io/blog/2018/02/23/harpoon-an-osint-/-threat-intelligence-tool/ https://twitter.com/cyb3rops/status/967905826013941760 https://twitter.com/cyb3rops/status/967898975935320064 https://twitter.com/cyb3rops/status/967705423263485952 https://twitter.com/cyb3rops/status/967560034132557825 https://t.co/w5yHbM61bd https://www.virustotal.com/#/intelligence-overview https://twitter.com/cyb3rops/status/967556662834941952 https://t.co/aMREmnzUOq https://researchcenter.paloaltonetworks.com/2018/02/unit42-oopsie-oilrig-uses-threedollars-deliver-new-trojan/ https://twitter.com/cyb3rops/status/967502661259087872 https://t.co/PNc7PFbavg https://github.com/NextronSystems/APTSimulator https://twitter.com/cyb3rops/status/967501352900464640 https://twitter.com/cyb3rops/status/967461092191621121 https://t.co/hzVfTk9bVE https://github.com/NextronSystems/APTSimulator/blob/master/toolset/avexcluder.bat https://twitter.com/cyb3rops/status/967350492253904896 https://twitter.com/cyb3rops/status/967341365779714049 https://twitter.com/cyb3rops/status/967081086818902016 https://t.co/gP0VEmsn83 https://github.com/NextronSystems/APTSimulator/releases/tag/v0.6.0 https://twitter.com/cyb3rops/status/967043332177317888 https://twitter.com/cyb3rops/status/967042326357999617 https://t.co/dWGW6X7m67 https://t.co/UB7peIlbKm https://www.virustotal.com/en/file/3d11d4338042ca2cd2725f0d5e57b795c278e3d1b538a08e1be728e997306c6e/analysis/ https://ghostbin.com/paste/gwnod https://twitter.com/cyb3rops/status/966996129912184832 https://t.co/kRG5Zlv85L http://www.hexacorn.com/blog/2014/11/14/beyond-good-ol-run-key-part-18/ https://twitter.com/cyb3rops/status/966734829529260032 
https://twitter.com/cyb3rops/status/966734280318685184 https://twitter.com/cyb3rops/status/966724430994006016 https://twitter.com/cyb3rops/status/966711205845970944 https://twitter.com/cyb3rops/status/966678965485277184 https://t.co/u0S7p8XSDo https://github.com/NextronSystems/APTSimulator/blob/master/README.md https://twitter.com/cyb3rops/status/966629189389602816 https://twitter.com/cyb3rops/status/966619439746748416 https://t.co/B6tqBRzbz3 https://t.co/VY7YdN5aO3 https://t.co/yVnUJ0xhA6 http://malware.one https://www.reddit.com/user/visioncoder/comments/7z2epu/a_binary_substring_searchable_malware_catalog/ https://malware.one https://twitter.com/cyb3rops/status/966615885506105344 https://t.co/MPcYeMI40o https://t.co/jKcHdaGAcu https://github.com/NextronSystems/APTSimulator/releases/tag/v0.5.1 https://github.com/mattifestation/WMI_Backdoor https://twitter.com/cyb3rops/status/966382936193892353 https://twitter.com/cyb3rops/status/966382203641978880 https://t.co/QHGD5Ky53l https://github.com/NextronSystems/APTSimulator/releases/tag/v0.5 https://twitter.com/cyb3rops/status/966353805972516864 https://t.co/rbYkaLEYig https://github.com/floragunncom https://twitter.com/cyb3rops/status/966351732090515457 https://t.co/AkQxF5zWvp https://blog.avast.com/avast-tracks-down-tempting-cedar-spyware https://twitter.com/cyb3rops/status/966273136965627904 https://t.co/xoYlvrbDpq https://github.com/a0rtega/pafish https://twitter.com/cyb3rops/status/966240834600435713 https://t.co/4u7u0z3o9T https://www.joesecurity.org/blog/8409877569366580427 https://twitter.com/cyb3rops/status/966094872502505472 https://twitter.com/cyb3rops/status/965984575313899520 https://t.co/1I5jv4sqDO https://www.nbcnews.com/news/north-korea/watch-out-north-korea-keeps-getting-better-hacking-n849381 https://twitter.com/cyb3rops/status/965978582152568834 https://twitter.com/cyb3rops/status/965953214456713217 https://t.co/hbytsQumhv 
https://www.fireeye.com/blog/threat-research/2018/02/apt37-overlooked-north-korean-actor.html https://twitter.com/cyb3rops/status/965945091033653248 https://t.co/FjmG43yVDm https://github.com/Neo23x0/munin https://twitter.com/cyb3rops/status/965650795092901889 https://t.co/gPaPxEo5XW https://github.com/Neo23x0/yarGen https://twitter.com/cyb3rops/status/965500970531684352 https://t.co/6AKZBq6h7b https://blog.fortinet.com/2018/02/16/new-jrat-adwind-variant-being-spread-by-ups-scam5a861017942e7 https://twitter.com/cyb3rops/status/965500432419295232 https://t.co/PCLouOmbF3 https://isc.sans.edu/diary.html https://twitter.com/cyb3rops/status/965212773897723904 https://twitter.com/cyb3rops/status/964959351759925248 https://twitter.com/cyb3rops/status/964919116451778561 https://t.co/RdEsdemswi https://t.co/uSquLUKnUB http://www.c0d3xpl0it.com/2018/02/adversary-emulation-system-flightsim.html https://github.com/alphasoc/flightsim https://twitter.com/cyb3rops/status/964802589152960513 https://twitter.com/cyb3rops/status/964776697030692864 https://t.co/5eGvTCZMLq https://t.co/jMpCMjSpJb https://t.co/WjQ2OiVjrK https://ghostbin.com/paste/6ve3q https://ghostbin.com/paste/jsph7 https://www.proofpoint.com/us/threat-insight/post/turla-apt-actor-refreshes-kopiluwak-javascript-backdoor-use-g20-themed-attack https://twitter.com/cyb3rops/status/964536004534206465 https://twitter.com/cyb3rops/status/964456380320174080 https://t.co/NSE2EKoPMu https://t.co/hffflDKq1P http://www.sueddeutsche.de/digital/cyberangriffe-hacker-im-staatsauftrag-1.3868904 https://docs.google.com/spreadsheets/d/1H9_xaxQHpWaa4O_Son4Gx0YOIzlcBWMsdvePFX68EKU/pubhtml# https://twitter.com/cyb3rops/status/964417263007707136 https://t.co/4QX2z9v0t8 https://www.bishopfox.com/blog/2018/02/hello-world-introducing-the-bishop-fox-cybersecurity-style-guide/ https://twitter.com/cyb3rops/status/964242400360173568 https://t.co/oA0gWv97CT https://github.com/NextronSystems/APTSimulator/releases/tag/v0.4.2 
https://twitter.com/cyb3rops/status/964202692489785345 https://t.co/0wNi27kpEf https://t.co/N3YW0DvJqz https://t.co/m646Zn4EuA https://github.com/Neo23x0/sigma/blob/d6d031fc2357b5dfed5e672178f8fc821498c992/rules/windows/builtin/win_susp_process_creations.yml https://github.com/Neo23x0/sigma/blob/f35c50049fa896dff91ff545cb199319172701e8/rules/windows/sysmon/sysmon_mshta_spawn_shell.yml https://github.com/Neo23x0/sigma/blob/f35c50049fa896dff91ff545cb199319172701e8/rules/windows/builtin/win_possible_applocker_bypass.yml https://twitter.com/cyb3rops/status/964194437340585984 https://twitter.com/cyb3rops/status/964192883942273024 https://t.co/PiHguGa5PC https://t.co/SaJA6uVih5 https://www.virustotal.com/en/file/d8ef1c4f64a05b1abf100044fcb7048c9526d175a114cb90bd134b80783da146/analysis/ https://pastebin.com/XaVR0zt4 https://twitter.com/cyb3rops/status/963791251471568896 https://twitter.com/cyb3rops/status/963742992120020992 https://t.co/ePLu12TM2b https://twitter.com/thor_scanner/status/963734663125782528 https://twitter.com/cyb3rops/status/963701229820968960 https://t.co/lm00LUpxxZ http://transfer.sh https://twitter.com/cyb3rops/status/963700265261195265 https://t.co/0XJ43E5ank https://t.co/PDdZg3n5QS https://www.virustotal.com/en/file/e68bb5d99d7b81e01795ff05b8e88d2b498df32232a18163e51d4bba07ea4b16/analysis/ https://transfer.sh/%28/uyPbf/library.exe%29.zip https://twitter.com/cyb3rops/status/963532234237071362 https://t.co/Rhzf5JmlEW https://blog.netspi.com/attacks-against-windows-pxe-boot-images/ https://twitter.com/cyb3rops/status/963486169119027200 https://t.co/rOkIitX8L3 https://any.run/ https://twitter.com/cyb3rops/status/963433161039458306 https://t.co/WOnrI2eIcH https://t.co/YXz2LLfrAp https://t.co/eQml8TAXs1 https://github.com/Neo23x0/signature-base/blob/master/yara/gen_mal_scripts.yar#L121 https://ghostbin.com/paste/jhv4c https://app.any.run/tasks/0017769f-f433-40a6-ad99-09de53080550 https://twitter.com/cyb3rops/status/963360826265604097 https://t.co/16mDhIc6Bx 
https://t.co/P2682lVQjF https://t.co/fG7espVt3U https://www.virustotal.com/en/file/01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b/analysis/ https://www.virustotal.com/en/file/7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6/analysis/ https://www.virustotal.com/en/file/6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b/analysis/1518517408/ https://twitter.com/cyb3rops/status/963158513601171456 https://t.co/8tKlG6i5vO https://t.co/QnrZEym3GA https://github.com/Neo23x0/signature-base/blob/master/yara/apt_olympic_destroyer.yar http://blog.talosintelligence.com/2018/02/olympic-destroyer.html https://twitter.com/cyb3rops/status/963096433946759171 https://t.co/TWrwMmsdYb https://iranthreats.github.io/resources/notes-flying-kitten/ https://twitter.com/cyb3rops/status/962976168088567813 https://t.co/vpGBUQ6Hhz https://twitter.com/JaromirHorejsi/status/962956775845703681 https://twitter.com/cyb3rops/status/962461801328861185 https://t.co/fRMoFsYufE https://github.com/phage-nz/ph0neutria https://twitter.com/cyb3rops/status/962340699541770240 https://t.co/YyLkRhzp9g https://www.nextron-systems.com/2018/02/10/write-sigma-rules/ https://twitter.com/cyb3rops/status/962100276785303554 https://t.co/EeaO95fFxj https://github.com/Neo23x0/sigma https://twitter.com/cyb3rops/status/961922067569496064 https://t.co/GtEvV7eBzO https://t.co/VOO7W8yY9s https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_susp_msiexec_web_install.yml https://blog.trendmicro.com/trendlabs-security-intelligence/attack-using-windows-installer-msiexec-exe-leads-lokibot/ https://twitter.com/cyb3rops/status/961848663650652161 https://t.co/TmmGWAPIct http://HnyPots.com https://twitter.com/cyb3rops/status/961704354133827584 https://t.co/79MVwuuaWj https://cyberarms.wordpress.com/2018/02/07/kali-linux-2018-released/ https://twitter.com/cyb3rops/status/961703834618814466 https://t.co/VOO7W8Qz10 
https://blog.trendmicro.com/trendlabs-security-intelligence/attack-using-windows-installer-msiexec-exe-leads-lokibot/ https://twitter.com/cyb3rops/status/961539617274114049 https://t.co/3ZBPpGN5Rz https://t.co/e5u4ny7QXQ https://www.virustotal.com/en/file/d5334f6ed2790c436c94f3c33dcd98215a41ff55b4f1d468237a918510f9099a/analysis/1518083615/ https://www.virustotal.com/en/file/28c199ab320fbc2ccc0c36e969398f5b46685f559fdb62e3944aeef5cf05d589/analysis/1518082903/ https://twitter.com/cyb3rops/status/961532267700121600 https://t.co/FZDKMFUeNz https://t.co/QrlMPOoO3O https://t.co/MHRF3kZExW https://www.virustotal.com/en/file/8ab3178dd890544aa850b7cd5c0cb55fdb049f55e270cd6b253ec9bb61986adb/analysis/ https://www.virustotal.com/en/file/395b1f2ec361cde80f2b0699e84ca439aede8fc8b3e29cc0eabf634e98480e0f/analysis/ https://github.com/kkirsche/CVE-2017-10271 https://twitter.com/cyb3rops/status/961212626385756160 https://t.co/91W2qZ5Dbr https://www.fidelissecurity.com/threatgeek/2018/02/exposing-x509-vulnerabilities https://twitter.com/cyb3rops/status/960780416927092737 https://t.co/KKnLTows7g https://github.com/Neo23x0/APTSimulator#advanced-solutions https://twitter.com/cyb3rops/status/960780117999083520 https://t.co/UyoGedMPe1 https://t.co/Tyunn6kcf4 https://www.securitywithoutborders.org/tools/hardentools.html https://twitter.com/michael_eder_/status/960641562639290370 https://twitter.com/cyb3rops/status/960521341924454401 https://twitter.com/cyb3rops/status/960225402080976896 https://twitter.com/cyb3rops/status/960091773761712128 https://t.co/IIeMMJzWCp http://www.sploitspren.com/2018-01-26-Windows-Privilege-Escalation-Guide/ https://twitter.com/cyb3rops/status/960067722699788289 https://t.co/1IdeDL0vkk https://github.com/Neo23x0/APTSimulator/releases https://twitter.com/cyb3rops/status/960057927771082753 https://t.co/oEOPhVcjMN https://www.flashpoint-intel.com/blog/targeted-attacks-south-korean-entities/ https://twitter.com/cyb3rops/status/960051463396495360 
https://twitter.com/cyb3rops/status/959906007437758464 https://twitter.com/cyb3rops/status/959846846330961922 https://t.co/3jLCi9C9wG https://t.co/MYxCBKm2nv https://t.co/O032c5sv2H https://github.com/Neo23x0/signature-base/blob/master/yara/apt_golddragon.yar https://github.com/Neo23x0/sigma/blob/master/rules/proxy/proxy_ua_malware.yml#L25 https://securingtomorrow.mcafee.com/mcafee-labs/gold-dragon-widens-olympics-malware-attacks-gains-permanent-presence-on-victims-systems/ https://twitter.com/cyb3rops/status/959826513687404544 https://twitter.com/cyb3rops/status/959812310117339137 https://t.co/F3Ct8YEUx4 https://github.com/Neo23x0/APTSimulator https://twitter.com/cyb3rops/status/959769241326161920 https://t.co/h6KPw1JdCG https://github.com/gentilkiwi/mimikatz/issues/16 https://twitter.com/cyb3rops/status/959563833961582593 https://t.co/O032c5sv2H https://securingtomorrow.mcafee.com/mcafee-labs/gold-dragon-widens-olympics-malware-attacks-gains-permanent-presence-on-victims-systems/ https://twitter.com/cyb3rops/status/959468116458819584 https://twitter.com/cyb3rops/status/959404163846361088 https://t.co/b9aKyK7q8w https://www.timesofisrael.com/former-mk-says-iran-stole-specs-of-israeli-submarines-in-hack/ https://twitter.com/cyb3rops/status/959328206947053569 https://t.co/9SQ64ndrpa https://twitter.com/travisbgreen/status/959172424787943424 https://twitter.com/cyb3rops/status/958974614788624384 https://t.co/SH3kBAOsJb https://motherboard.vice.com/en_us/article/8xvzyp/hacking-team-investor-saudi-arabia https://twitter.com/cyb3rops/status/958839023753154560 https://t.co/jJzHSveAVG https://t.co/HDzXVIsrY0 https://t.co/uEMnV5Idbr https://t.co/M7MHbvW0PJ https://t.co/G9URoktlz8 https://github.com/Neo23x0/signature-base/blob/master/yara/apt_lotusblossom_elise.yar https://github.com/Neo23x0/sigma/blob/master/rules/apt/apt_elise.yml https://community.rsa.com/community/products/netwitness/blog/2018/01/30/apt32-continues-asean-targeting 
https://twitter.com/blu3_team/status/955971742329135105 https://www.accenture.com/t20180127T003755Z__w__/us-en/_acnmedia/PDF-46/Accenture-Security-Dragonfish-Threat-Analysis.pdf https://twitter.com/cyb3rops/status/958817011034918912 https://t.co/uEMnV5Idbr https://community.rsa.com/community/products/netwitness/blog/2018/01/30/apt32-continues-asean-targeting https://twitter.com/cyb3rops/status/958728880931639296 https://t.co/Zr9zNw6FUX https://t.co/XeXsNqbPRw https://translate.google.com/translate?sl=auto&tl=en&js=y&prev=_t&hl=en&ie=UTF-8&u=http%3A%2F%2Fblog.alyac.co.kr%2F1519&edit-text=&act=url http://cfile26.uf.tistory.com/attach/99657C3F5A7191DF01EF25 https://twitter.com/cyb3rops/status/958650266701697024 https://t.co/kEVmLvENSE https://www.esentire.com/news-and-events/security-advisories/kaseya-virtual-system-administrator/ https://twitter.com/cyb3rops/status/958398212506898432 https://t.co/vCXR19xV3S https://enigma0x3.net/2018/01/29/reviving-dde-using-onenote-and-excel-for-code-execution/ https://twitter.com/cyb3rops/status/958397745596858368 https://t.co/uDvITetkqd https://arstechnica.com/gadgets/2018/01/new-windows-patch-disables-intels-bad-spectre-microcode-fix/ https://twitter.com/cyb3rops/status/958368817721331719 https://twitter.com/cyb3rops/status/958364110957228034 https://twitter.com/cyb3rops/status/958363617719668739 https://t.co/UEslqzPOxj https://creativecommons.org/licenses/by/4.0/ https://twitter.com/cyb3rops/status/958021791385116674 https://t.co/jj9Q49FvjX https://researchcenter.paloaltonetworks.com/2018/01/unit42-vermin-quasar-rat-custom-malware-used-ukraine/ https://twitter.com/cyb3rops/status/958019269463339008 https://twitter.com/cyb3rops/status/957962379651878912 https://t.co/XiQcR33QlH https://www.nextron-systems.com/2018/01/22/write-yara-rules-detect-embedded-exe-files-ole-objects/ https://twitter.com/cyb3rops/status/957961034601500672 https://twitter.com/cyb3rops/status/957893911988654080 
https://twitter.com/cyb3rops/status/957270919017267202 https://t.co/5txL9rGvYU https://t.co/B7JiGySdHv https://t.co/D1tUMpXIkZ https://github.com/Neo23x0/signature-base/blob/master/yara/apt_oilrig_rgdoor.yar https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_susp_iss_module_install.yml https://researchcenter.paloaltonetworks.com/2018/01/unit42-oilrig-uses-rgdoor-iis-backdoor-targets-middle-east/ https://twitter.com/cyb3rops/status/957269950086959104 https://t.co/9b7jSNaK4a https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_susp_commands_recon_activity.yml https://twitter.com/cyb3rops/status/957197310534078464 https://t.co/MQ3peZcI6G https://github.com/Codehardt/go-elasticsearch https://twitter.com/cyb3rops/status/957181604341977088 https://t.co/Y4e8YaFdtt https://twitter.com/DirectoryRanger/status/957019701493878784 https://twitter.com/cyb3rops/status/956975420720762882 https://t.co/D1tUMpXIkZ https://researchcenter.paloaltonetworks.com/2018/01/unit42-oilrig-uses-rgdoor-iis-backdoor-targets-middle-east/ https://twitter.com/cyb3rops/status/956969707554340864 https://t.co/hPRbZnDmtX https://researchcenter.paloaltonetworks.com/2018/01/unit42-the-tophat-campaign-attacks-within-the-middle-east-region-using-popular-third-party-services/ https://twitter.com/cyb3rops/status/956525051158908931 https://twitter.com/cyb3rops/status/956146365691826176 https://twitter.com/cyb3rops/status/955809229176176642 https://t.co/AtuNI0dNLw https://www.virustotal.com/en/file/2aa0d8cc7265fdaeb7ba5882dc4cf3d24d67708df74e5d0b568acec31ca0bb44/analysis/ https://twitter.com/cyb3rops/status/955789535878828034 https://t.co/GNaZxKpV0C https://translate.google.com/translate?sl=auto&tl=en&js=y&prev=_t&hl=en&ie=UTF-8&u=http%3A%2F%2Fasec.ahnlab.com%2Fm%2F1086&edit-text=&act=url https://twitter.com/cyb3rops/status/955520599505494016 https://t.co/mRR43yMAkU https://blogs.cisco.com/security/talos/samsam-the-evolution-continues-netting-over-325000-in-4-weeks 
https://twitter.com/cyb3rops/status/955451827969056768 https://t.co/aviTO0DLAj https://attack.mitre.org/wiki/Technique/T1073 https://twitter.com/cyb3rops/status/955357116981743616 https://twitter.com/cyb3rops/status/955067479797256192 https://t.co/WnXuIKASlb https://t.co/arIuU9vUtU https://www.virustotal.com/en/file/616f73967ee41982fffdc4b83cd63ac433e69e3b623cae147eb8adf16201e6f6/analysis/ https://www.virustotal.com/en/file/4bcae1d48bf7c6a11c9c6e9fd3f2c12e96be00cf8f2cf609479f4528e672fe79/analysis/1516540348/ https://twitter.com/cyb3rops/status/954267397023813632 https://t.co/cFgPRjhUWS https://bl.ocks.org/mbostock/4062045 https://twitter.com/cyb3rops/status/954260383958753280 https://t.co/H1euWhNlen https://t.co/lBZj6M8tAM https://vimeo.com/204086466 https://twitter.com/raffaelmarty/status/954029418447560705 https://twitter.com/cyb3rops/status/954061203797696513 https://t.co/ThHJOQDInY http://blog.talosintelligence.com/2018/01/the-many-tentacles-of-necurs-botnet.html https://twitter.com/cyb3rops/status/954055554376388608 https://t.co/pgCSyiw4Yl http://www.clearskysec.com/charmingkitten/ https://twitter.com/cyb3rops/status/954019081321054210 https://t.co/89rt8ZKIfN https://motherboard.vice.com/en_us/article/gyw3n9/lebanese-government-hackers-hit-thousands-of-victims-with-incredibly-simple-campaign https://twitter.com/cyb3rops/status/953697253922877441 https://t.co/0ycJPdVWud https://t.co/i6kUCjV2ih https://www.virustotal.com/en/file/fa24f467eacc007afe246e7327dcbfc0541133a2788529bdf79054f29332ab73/analysis/ http://blog.talosintelligence.com/2012/06/web-shell-poses-as-gif.html https://twitter.com/cyb3rops/status/953408613955112960 https://t.co/zdy9h1DQ5c https://t.co/wtkLPXmfEt https://t.co/uRywu8BK0l https://www.virustotal.com/en/file/34b27a622b1ba26f4c7eb8281e84a60b1d5aabcaa454ab1d83b411c86ffaa800/analysis/ https://ghostbin.com/paste/qgd7g https://xorl.wordpress.com/2017/12/11/microsoft-excel-csv-code-execution-injection-method/ 
https://twitter.com/cyb3rops/status/953005425439502336 https://twitter.com/cyb3rops/status/952953914940444672 https://twitter.com/cyb3rops/status/952122306507296768 https://t.co/fKJ6ilZFp6 https://www.washingtonpost.com/world/national-security/russian-military-was-behind-notpetya-cyberattack-in-ukraine-cia-concludes/2018/01/12/048d8506-f7ca-11e7-b34a-b85626af34ef_story.html https://twitter.com/cyb3rops/status/951885681676247040 https://twitter.com/cyb3rops/status/951506509065793537 https://t.co/72b6JbEQg6 https://securingtomorrow.mcafee.com/mcafee-labs/north-korean-defectors-journalists-targeted-using-social-networks-kakaotalk/ https://twitter.com/cyb3rops/status/951360436439576576 https://t.co/OlJf2z4jkm https://www.theregister.co.uk/2018/01/10/taiwanese_police_malware/ https://twitter.com/cyb3rops/status/950996790320476160 https://t.co/18L62fO9Gd https://github.com/Neo23x0/Fenrir https://twitter.com/cyb3rops/status/950792206641782784 https://t.co/9pVihDoUIU https://www.welivesecurity.com/2018/01/09/turlas-backdoor-laced-flash-player-installer/ https://twitter.com/cyb3rops/status/950301299119198208 https://twitter.com/cyb3rops/status/950297882795675648 https://t.co/NhspqTdgXJ https://t.co/AN23E0d9HO http://archive.org https://blogs.technet.microsoft.com/motiba/2017/12/07/sysinternals-sysmon-suspicious-activity-guide/ https://twitter.com/cyb3rops/status/950264386542858240 https://t.co/cfaeKowR78 https://t.co/rrJtQpHK3p https://meltdownattack.com/meltdown.pdf https://github.com/GitMirar/meltdown-poc/blob/master/README.md https://twitter.com/cyb3rops/status/949956837759225857 https://twitter.com/cyb3rops/status/949805294816841728 https://t.co/gnlw8rr0Ed https://github.com/lgeek/spec_poc_arm https://twitter.com/cyb3rops/status/949796044837179397 https://twitter.com/cyb3rops/status/949792493922586625 https://twitter.com/cyb3rops/status/949659294642917376 https://twitter.com/cyb3rops/status/949658383212253185 https://twitter.com/cyb3rops/status/949634242509713409 
https://twitter.com/cyb3rops/status/949314841809969156 https://t.co/0lqHaFFlJP https://www.youtube.com/watch?v=6lBSrXWPZP0 https://twitter.com/cyb3rops/status/949288789809225728 https://twitter.com/cyb3rops/status/949284994547093505 https://twitter.com/cyb3rops/status/949044779802820609 https://t.co/AzgDqMaUJz https://github.com/ionescu007/SpecuCheck https://twitter.com/cyb3rops/status/948943118052872193 https://t.co/d0Gj3Dwgj6 https://t.co/n5SmAOKnlm https://t.co/P2XufiU4IT http://carnegieendowment.org/2018/01/04/iran-s-cyber-threat-espionage-sabotage-and-revenge-pub-75134 http://carnegieendowment.org/files/Iran_Cyber_Final_Full_v2.pdf https://www.nytimes.com/2018/01/04/technology/iranian-hackers.html https://twitter.com/cyb3rops/status/948935841451298816 https://t.co/oY9VVmfxoF https://support.microsoft.com/en-za/help/4056898/windows-81-update-kb4056898 https://twitter.com/cyb3rops/status/948934441644081152 https://twitter.com/cyb3rops/status/948898659059593217 https://t.co/f5WCgaYkq1 https://t.co/PGyIhf40HL https://github.com/Neo23x0/signature-base/blob/master/yara/pua_xmrig_monero_miner.yar https://github.com/xmrig/xmrig https://twitter.com/cyb3rops/status/948283601887596544 https://t.co/Om4orD2q3I http://www.c0d3xpl0it.com/2017/12/process-doppelganging.html https://twitter.com/cyb3rops/status/948241602895646722 https://t.co/1bx7g0LhEc https://adsecurity.org/?p=3592 https://twitter.com/cyb3rops/status/948241373521641473 https://t.co/REjN6J8Zyp https://pentestlab.blog/2018/01/02/command-and-control-images/amp/ https://twitter.com/cyb3rops/status/948240875192188928 https://t.co/tSlPP7gkZ9 https://blog.netspi.com/microsoft-word-unc-path-injection-image-linking/ https://twitter.com/cyb3rops/status/947936931022766080 https://t.co/uH4INwxaX7 https://t.co/tzTy0AK6kz https://github.com/Neo23x0/Loki/releases/tag/v0.26.0 https://hshrzd.wordpress.com/pe-sieve/ https://twitter.com/cyb3rops/status/947873100661690369 https://twitter.com/cyb3rops/status/946417261841182723 
https://t.co/ISEPvQoUfN https://objective-see.com/malware.html https://twitter.com/cyb3rops/status/945956738813046784 https://t.co/tzTy0AK6kz https://hshrzd.wordpress.com/pe-sieve/ https://twitter.com/cyb3rops/status/945934727248252928 https://t.co/tDIVAlzohM https://t.co/uAJMhbU20l https://streaming.media.ccc.de/34c3 https://events.ccc.de/congress/2017/Fahrplan/timeline.html https://twitter.com/cyb3rops/status/945750217047117825 https://t.co/xTT6ogSawA https://t.co/IhtSHdadue https://docs.google.com/spreadsheets/d/1fLq4wUXqxI4kDat4EemisgUkfE86pKSBoaGq4IelpXg/ https://github.com/Neo23x0/signature-base/blob/master/yara/apt_hiddencobra_bankshot.yar https://twitter.com/cyb3rops/status/945716530641293313 https://t.co/9S7qVra76S https://blog.didierstevens.com/2017/12/26/cracking-encrypted-pdfs-part-1/amp/ https://twitter.com/cyb3rops/status/945716427465601025 https://t.co/PCLouOmbF3 https://isc.sans.edu/diary.html https://twitter.com/cyb3rops/status/945663499874832385 https://twitter.com/cyb3rops/status/945588042080899072 https://t.co/xLsfYfodo5 https://t.co/SpN22BbMnw https://t.co/qpdv3gswpU https://t.co/TWDnjq6d5P https://goo.gl/ZaL1gK https://goo.gl/S1vSKa https://goo.gl/7ufXDG https://goo.gl/kQRg2A https://twitter.com/cyb3rops/status/945453293429510144 https://t.co/qgRAK5TJ2C https://t.co/9tkNMxEk1J https://www.us-cert.gov/HIDDEN-COBRA-North-Korean-Malicious-Cyber-Activity https://www.hybrid-analysis.com/sample/ec44ecd57401b3c78d849115f08ff046011b6eb933898203b7641942d4ee3af9?environmentId=120 https://twitter.com/cyb3rops/status/945294748415418368 https://t.co/77DhVvMiDu https://support.apple.com/en-us/HT204609 https://twitter.com/cyb3rops/status/944870733548802048 https://t.co/JpH80Rd4QL https://docs.google.com/spreadsheets/d/1dtChbQlqr4ZNZeOXWJu6tSTQ7x1b7dmgxiXJRTauUOQ/ https://twitter.com/cyb3rops/status/944723449150394378 https://twitter.com/cyb3rops/status/944474721776754688 https://t.co/HjXS0boXPo 
https://www.virustotal.com/en/file/a672731513c6240dc856e76ed230c661e6ce2985dc4de6d3aa7cfeac4677f01d/analysis/ https://twitter.com/cyb3rops/status/944098347618590720 https://t.co/Cs6iAryYS4 https://www.welivesecurity.com/2017/12/21/sednit-update-fancy-bear-spent-year/ https://twitter.com/cyb3rops/status/943835091893194752 https://twitter.com/cyb3rops/status/943797527861714944 https://twitter.com/cyb3rops/status/943574322131685376 https://t.co/bULtRjuWV5 http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-11882-exploited-deliver-cracked-version-loki-infostealer/ https://twitter.com/cyb3rops/status/943510562129903618 https://twitter.com/cyb3rops/status/943480826406285312 https://t.co/zYuLDhHRvE http://blog.trendmicro.com/trendlabs-security-intelligence/cyberespionage-campaign-sphinx-goes-mobile-anubisspy/ https://twitter.com/cyb3rops/status/943466506851160064 https://t.co/FjmG43yVDm https://github.com/Neo23x0/munin https://twitter.com/cyb3rops/status/943458900099125250 https://twitter.com/cyb3rops/status/943398985540173825 https://twitter.com/cyb3rops/status/943393845932380160 https://t.co/qiSfuDONHm https://www.proofpoint.com/us/threat-insight/post/north-korea-bitten-bitcoin-bug-financially-motivated-campaigns-reveal-new https://twitter.com/cyb3rops/status/943180143488618496 https://t.co/PCqOtlwZdI https://translate.google.com/translate?sl=ja&tl=en&js=y&prev=_t&hl=en&ie=UTF-8&u=http%3A%2F%2Fblog.macnica.net%2Fblog%2F2017%2F12%2Fpost-8c22.html&edit-text=&act=url https://twitter.com/cyb3rops/status/943151978166870021 https://t.co/SRDvpcDtwj https://medium.com/@cyb3rops/the-distorted-risk-landscape-e83041eeea2d https://twitter.com/cyb3rops/status/942919413694697472 https://twitter.com/cyb3rops/status/942914158907052032 https://t.co/vvEFoRWJPR https://dnstrails.com/#/ https://twitter.com/cyb3rops/status/942530500496887808 https://t.co/6vMuYtCOaE https://t.co/T5APzqWJdq https://github.com/peewpw/Invoke-PSImage 
https://twitter.com/TheHackersNews/status/942487406095118336 https://twitter.com/cyb3rops/status/942499282317402112 https://t.co/PCLouOmbF3 https://isc.sans.edu/diary.html https://twitter.com/cyb3rops/status/942498793869672448 https://t.co/FdR7Q1W3vz http://digital-forensics.sans.org/blog/2017/12/16/automated-hunting-of-software-update-supply-chain-attacks https://twitter.com/cyb3rops/status/942053198331858944 https://t.co/DXnvST86WO http://www.ubersec.com/2017/12/03/monitoring-for-windows-event-logs-and-the-untold-story-of-proper-elk-integration/ https://twitter.com/cyb3rops/status/942046871807254529 https://twitter.com/cyb3rops/status/941662786622455808 https://t.co/crILSfS8Fg https://pastebin.com/Yurc9YeZ https://twitter.com/cyb3rops/status/941576335524270080 https://twitter.com/cyb3rops/status/941295562493657088 https://t.co/XxSOSZPS9Y https://www.tenable.com/blog/a-clarification-about-nessus-professional https://twitter.com/cyb3rops/status/941219238928420864 https://t.co/InVuAg21Ji https://securingtomorrow.mcafee.com/mcafee-labs/chinese-cybercriminals-develop-lucrative-hacking-services/ https://twitter.com/cyb3rops/status/941217427576279040 https://t.co/ES0Ugc7DUC http://www.forbes.com/sites/joshsteimle/2014/05/14/am-i-the-only-techie-against-net-neutrality/ https://twitter.com/cyb3rops/status/940983427687505921 https://t.co/WzHRjK2wKd https://github.com/future-architect/vuls https://twitter.com/cyb3rops/status/940983289900421120 https://t.co/WzHRjK2wKd https://github.com/future-architect/vuls https://twitter.com/cyb3rops/status/940981962730287104 https://twitter.com/cyb3rops/status/940962472483225600 https://twitter.com/cyb3rops/status/940893672471777280 https://t.co/kzQPM81lxT https://bgpmon.net/popular-destinations-rerouted-to-russia/ https://twitter.com/cyb3rops/status/940651619661774848 https://t.co/dxgFfF33bx https://t.co/3vRIQpaFey https://krakenrider.blogspot.de/ https://gist.github.com/Neo23x0/5c463b739f9f75f89d60b3f361d658c9 
https://twitter.com/cyb3rops/status/940535934646448129 https://t.co/7EKFYqO80W https://researchcenter.paloaltonetworks.com/2017/12/unit42-oilrig-performs-tests-twoface-webshell/ https://twitter.com/cyb3rops/status/940535515677446144 https://t.co/cle5X7N6Xs http://forensicmethods.com/sans-memory-forensics https://twitter.com/cyb3rops/status/940513455232217089 https://t.co/QAhr3uwb83 https://github.com/ThunderCls/xAnalyzer https://twitter.com/cyb3rops/status/940204256400900096 https://t.co/RSwnDOSV1Q http://blog.trendmicro.com/trendlabs-security-intelligence/untangling-the-patchwork-cyberespionage-group/ https://twitter.com/cyb3rops/status/940142464429711360 https://t.co/wKQRvI8nBw https://twitter.com/WebBreacher/status/733619976708444160 https://twitter.com/cyb3rops/status/940137800778878976 https://t.co/9b7jSNaK4a https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_susp_commands_recon_activity.yml https://twitter.com/cyb3rops/status/939464658586603520 https://t.co/Ev9stqWNRd http://packetlife.net/library/cheat-sheets/ https://twitter.com/cyb3rops/status/939449552645398529 https://t.co/pE6tWdoUYj https://t.co/LqhURg5fgF https://github.com/Neo23x0/signature-base/blob/master/yara/apt_apt34.yar https://www.fireeye.com/blog/threat-research/2017/12/targeted-attack-in-middle-east-by-apt34.html https://twitter.com/cyb3rops/status/939301222607151104 https://t.co/Ih2neUlQ8I https://blog.fortinet.com/2017/12/07/a-peculiar-case-of-orcus-rat-targeting-bitcoin-investors https://twitter.com/cyb3rops/status/939301091778363392 https://t.co/osHCoNUwwc https://researchcenter.paloaltonetworks.com/2017/12/unit42-analysis-of-cve-2017-11882-exploit-in-the-wild/ https://twitter.com/cyb3rops/status/939300972165324800 https://t.co/Y5BE0wSjJS https://blog.malwarebytes.com/threat-analysis/2017/12/interesting-disguise-employed-by-new-mac-malware/amp/ https://twitter.com/cyb3rops/status/939170366643228672 https://twitter.com/cyb3rops/status/939126039057453056 
https://twitter.com/cyb3rops/status/938822387461738498 https://t.co/LqhURfNEp7 https://www.fireeye.com/blog/threat-research/2017/12/targeted-attack-in-middle-east-by-apt34.html https://twitter.com/cyb3rops/status/938737062961917952 https://t.co/lBxmnaicLU http://glogg.bonnefon.org/index.html https://twitter.com/cyb3rops/status/938718484476891136 https://t.co/o5wo8ko8Ne https://www.youtube.com/watch?v=LKWrQq7TNo8 https://twitter.com/cyb3rops/status/938449119550599168 https://t.co/kB1I1FQvlE https://www.cyberscoop.com/roy-moore-scandal-phishing-attacks-apt19-fireeye-harvey-weinstein/ https://twitter.com/cyb3rops/status/938446362227638272 https://t.co/f9wAU2t1RB https://protonmail.com/blog/thunderbird-outlook-encrypted-email/ https://twitter.com/cyb3rops/status/938420573289492481 https://t.co/NMn6KZHxfB https://www.youtube.com/watch?v=-BjWbWBasWo https://twitter.com/cyb3rops/status/938377481836359680 https://t.co/ADhc6bNJGh https://github.com/woanware/LogViewer https://twitter.com/cyb3rops/status/938134924690833408 https://t.co/17MFUhxURp https://gist.github.com/Neo23x0/9fe88c0c5979e017a389b90fd19ddfee https://twitter.com/cyb3rops/status/937988892027957248 https://t.co/hxt2m72BRe https://www.mailsploit.com/index https://twitter.com/cyb3rops/status/937711170877829121 https://t.co/8ldLQmp8qY https://t.co/WHndXPYrwT http://canarytokens.org/ http://blog.thinkst.com/2017/09/canarytokens-new-member-aws-api-key.html https://twitter.com/cyb3rops/status/937703477517660160 https://t.co/zs63Q8lJmd https://github.com/firehol/netdata/ https://twitter.com/cyb3rops/status/937702022371037184 https://t.co/6BJ7GXg77p https://docs.microsoft.com/en-us/windows-server/identity/securing-privileged-access/securing-privileged-access-reference-material#ATLT_BM https://twitter.com/cyb3rops/status/937294593472843776 https://t.co/qEhk6hmfaQ https://isc.sans.edu/diary/rss/23095 https://twitter.com/cyb3rops/status/937239521418194944 https://t.co/If85XdlI7k 
https://www.thelocal.de/20171201/german-government-wants-backdoor-access-to-every-digital-device-report https://twitter.com/cyb3rops/status/937238220936445952 https://twitter.com/cyb3rops/status/937238034138976256 https://twitter.com/cyb3rops/status/937019899481919488 https://twitter.com/cyb3rops/status/936942045859647488 https://twitter.com/cyb3rops/status/936939737969037317 https://t.co/bDls7zLb60 https://github.com/TKCERT/sysmon-config/blob/master/sysmonconfig-export.xml https://twitter.com/cyb3rops/status/936632338842378242 https://t.co/yNYm3WxM5P http://www.abc.net.au/news/2017-12-01/chinese-hackers-targeting-australian-law-firms/9213520 https://twitter.com/cyb3rops/status/936590043178823680 https://twitter.com/cyb3rops/status/936506151784476672 https://t.co/lW4QE3mZyG https://github.com/PatrolServer/bashscanner https://twitter.com/cyb3rops/status/936311167991115778 https://t.co/gnfHnAX3LD https://github.com/Neo23x0/Loki#package-loki-with-a-private-rule-set https://twitter.com/cyb3rops/status/936242405040427008 https://t.co/I20908Ekm6 https://github.com/mitre/caldera https://twitter.com/cyb3rops/status/936146178550484992 https://twitter.com/cyb3rops/status/936138868780404736 https://t.co/vuG4Kq8FzU https://nosecurecode.blog/2017/07/29/visualizing-tracking-sysmon-events-with-sysmon-view-1-2/ https://twitter.com/cyb3rops/status/936129346162524160 https://t.co/pxqMj6QK4t http://goo.gl/YJ8Y8j https://twitter.com/cyb3rops/status/935952435742461952 https://t.co/2MFS0Mi8vL https://researchcenter.paloaltonetworks.com/2017/11/unit42-uboatrat-navigates-east-asia/ https://twitter.com/cyb3rops/status/935951382338785282 https://t.co/X3igvJXB5z https://www.blackhillsinfosec.com/hide-payload-ms-office-document-properties/ https://twitter.com/cyb3rops/status/935778091066159105 https://t.co/58ebKTVNiC http://www.zdnet.com/article/nsa-leak-inscom-exposes-red-disk-intelligence-system/ https://twitter.com/cyb3rops/status/935627705042849792 
https://twitter.com/cyb3rops/status/935584713594597376 https://t.co/JfIDBtpy9m https://t.co/99tFi8LkRI https://en.wikipedia.org/wiki/Levenshtein_distance http://www.hexacorn.com/blog/2015/12/18/the-typographical-and-homomorphic-abuse-of-svchost-exe-and-other-popular-file-names/ https://twitter.com/cyb3rops/status/935526197441781761 https://t.co/5tQ0C42hMZ http://tabula.technology/ https://twitter.com/cyb3rops/status/935435898392596480 https://t.co/zg8OdoYdHN https://www.justice.gov/opa/pr/us-charges-three-chinese-hackers-who-work-internet-security-firm-hacking-three-corporations https://twitter.com/cyb3rops/status/935434005654188032 https://t.co/dYUS8wURZr http://malwageddon.blogspot.com/2017/11/iris-h-alpha-updated-lnk-file-parser.html https://twitter.com/cyb3rops/status/935430008780312577 https://t.co/L8QFviivTK https://blogs.cisco.com/security/talos/rokrat-reloaded https://twitter.com/cyb3rops/status/935149049719808005 https://t.co/7wOqqhORxT https://hybrid-analysis.blogspot.de/2017/11/6-new-hybrid-analysis-features-you.html https://twitter.com/cyb3rops/status/935134043137609728 https://t.co/2McUjiWjpO https://t.co/do6abhLKra https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_system_exe_anomaly.yml https://app.any.run/tasks/3cb68f0c-c094-4253-99e2-fb7748fd1b82 https://twitter.com/cyb3rops/status/935038219263111168 https://t.co/QkIjL7Cwgt https://arno0x0x.wordpress.com/2017/11/20/windows-oneliners-to-download-remote-payload-and-execute-arbitrary-code/ https://twitter.com/cyb3rops/status/934206438603481088 https://twitter.com/cyb3rops/status/933838925927469056 https://t.co/gg10V6Y32J https://www.bleepingcomputer.com/news/deals/best-black-friday-antivirus-vpn-and-computer-security-deals/ https://twitter.com/cyb3rops/status/933801652125040641 https://t.co/BqC3e5BwgX https://github.com/Neo23x0/signature-base/blob/master/yara/exploit_cve_2017_11882.yar https://twitter.com/cyb3rops/status/933743395037761536 
https://twitter.com/cyb3rops/status/933722018574368768 https://twitter.com/cyb3rops/status/933709103746215937 https://t.co/gmYnqz6JP1 https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon https://twitter.com/cyb3rops/status/933485873362063360 https://t.co/8OZ5PNSabc https://t.co/idDbBF96WA https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_exploit_cve_2017_11882.yml https://www.hybrid-analysis.com/sample/2a4ae284c76f868fc51d3bb65da8caa6efacb707f265b25c30f34250b76b7507?environmentId=100 https://twitter.com/cyb3rops/status/933473405105594374 https://t.co/nVz1ZeIfQH https://www.hybrid-analysis.com/search?query=vxfamily:Exploit.CVE-2017-11882.Gen https://twitter.com/cyb3rops/status/933385692398440449 https://t.co/VHlsp8bnNl https://pastebin.com/pro?coupon=blackfri https://twitter.com/cyb3rops/status/933362920171491329 https://t.co/P7RzTAe0T0 https://gist.github.com/ https://twitter.com/cyb3rops/status/933336301604089857 https://t.co/IyxTcdWoiP https://t.co/5AzdVoMBCc https://www.virustotal.com/#/graph-overview https://www.youtube.com/watch?v=17yRtGFq9xc https://twitter.com/cyb3rops/status/933278412080402432 https://t.co/RcgaK79rS2 https://www.crowdstrike.com/blog/badrabbit-ms17-010-exploitation-part-two-elevate-privileges/ https://twitter.com/cyb3rops/status/933253805516271618 https://twitter.com/cyb3rops/status/933251140501700608 https://t.co/Jlwkk2BSNg https://soundcloud.com/florian-roth-10/ayn-rand-capitalism-the-ideal https://twitter.com/cyb3rops/status/933248169487474689 https://twitter.com/cyb3rops/status/933241072112635906 https://t.co/ES0UgbQ2w2 https://t.co/hWWZKwUXZG https://t.co/vetnYE6c19 http://www.forbes.com/sites/joshsteimle/2014/05/14/am-i-the-only-techie-against-net-neutrality/ https://truthonthemarket.com/2015/04/09/dont-tread-on-my-internet/ http://reason.com/archives/2017/07/18/net-neutrality-supporters-should-actuall https://twitter.com/cyb3rops/status/933232385524621312 https://t.co/zHY4vrEIIv 
https://github.com/Neo23x0/signature-base/issues https://twitter.com/cyb3rops/status/933069443084750848 https://t.co/oolkNkK3mx http://blog.erratasec.com/2017/11/why-linus-is-right-as-usual.html https://twitter.com/cyb3rops/status/933040008348557312 https://twitter.com/cyb3rops/status/933039205814554626 https://twitter.com/cyb3rops/status/933022409724170241 https://twitter.com/cyb3rops/status/932952008390213632 https://t.co/iCvwybvIkB https://t.co/6N82vp306X https://github.com/Neo23x0/sigma/tree/master/rules/application https://www.owasp.org/images/7/72/OWASP_Top_10-2017_%28en%29.pdf.pdf https://twitter.com/cyb3rops/status/932921586541359104 https://t.co/VgAk3yQ1Vc https://researchcenter.paloaltonetworks.com/2017/11/unit42-operation-blockbuster-goes-mobile/ https://twitter.com/cyb3rops/status/932875735123021825 https://twitter.com/cyb3rops/status/932705828087521282 https://t.co/TKXHXtIwlI https://t.co/2iyO6i5W0Z https://www.moi.gov.sa/wps/portal/ncsc/home/Alerts/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8ziDQ1dLDyM3A18_M29XQwcnQKD3UyN3Y0dfQ30w8EKDDxNTDwMTYy8_YMMDAwcjcM8PIwtnA0N3I31o4jRj0cBSL8BDuBI0H4j4uzHYwFB_VEQJ-JxASE_BCcW6RfkhoaGRhhkmTgqKgIAiYhXhA!!/dz/d5/L0lHSkovd0RNQUZrQUVnQSEhLzROVkUvZW4!/ https://twitter.com/NCSC_SA/status/932535336454017025 https://twitter.com/cyb3rops/status/932665163941076998 https://t.co/T3FD5EtQb0 https://www.amazon.com/gp/product/0692911561/ https://twitter.com/cyb3rops/status/932627705488728064 https://t.co/vXzuzY0cec https://t.co/JxffPDIYIO https://www.cfr.org/interactive/cyber-operations https://twitter.com/cyb3rops/status/735591646935449602 https://twitter.com/cyb3rops/status/932553881841733633 https://t.co/SxZlLWcSEf https://www.forbes.com/sites/thomasbrewster/2017/10/05/facebook-fake-hacks-deloitte-employee-iran-cyber-spies-suspected/#268fce65188c https://twitter.com/cyb3rops/status/932522532909051910 https://twitter.com/cyb3rops/status/931932948504481793 https://t.co/7Uas7jrmOO https://www.upguard.com/breaches/cloud-leak-centcom 
https://twitter.com/cyb3rops/status/931655671753388035 https://t.co/IB6Ilk2P8T https://www.fidelissecurity.com/threatgeek/2017/11/tracking-emotet-payload-icedid https://twitter.com/cyb3rops/status/931127861624307713 https://t.co/eEMT7gn2oy https://github.com/secureworks/flowsynth https://twitter.com/cyb3rops/status/931108443045466112 https://twitter.com/cyb3rops/status/931094788509720577 https://t.co/2Kv67eBeR5 https://twitter.com/yaps8/status/930807018964652032 https://twitter.com/cyb3rops/status/931055314203561984 https://t.co/942mu6tRDo http://rewtin.blogspot.com/2017/11/abusing-user-shares-for-efficient.html https://twitter.com/cyb3rops/status/930931450874036224 https://t.co/10u1wVKlIu http://tweetenapp.com/ https://twitter.com/cyb3rops/status/930903309476683776 https://t.co/RAsMIOMT4P https://t.co/gEfgOpKdft https://github.com/Neo23x0/signature-base/commits/master https://docs.google.com/spreadsheets/d/1oTrxBM9TbRwfINauoJkq0lDEm38trgN-zucmHxk_HfA/edit?usp=sharing https://twitter.com/cyb3rops/status/930855944694661120 https://t.co/OYfvh0x3mi https://blog.trendmicro.com/trendlabs-security-intelligence/new-emotet-hijacks-windows-api-evades-sandbox-analysis/ https://twitter.com/cyb3rops/status/930855342090735616 https://t.co/mZ5wY70EhE https://blogs.cisco.com/security/talos/vulnerability-spotlight-libxls https://twitter.com/cyb3rops/status/930847542778253313 https://t.co/vAJp0qT5xU http://www.intezer.com/intezer-analyze-free-community-edition/ https://twitter.com/cyb3rops/status/930726594695651328 https://t.co/FmKuBTV2Zz https://researchcenter.paloaltonetworks.com/2017/11/unit42-muddying-the-water-targeted-attacks-in-the-middle-east/ https://twitter.com/cyb3rops/status/930714271843078146 https://twitter.com/cyb3rops/status/930584523615735808 https://twitter.com/cyb3rops/status/930579888943312897 https://t.co/DDK4MZ0QC7 https://www.us-cert.gov/ncas/alerts/TA17-318B https://twitter.com/cyb3rops/status/930567956639174657 
https://twitter.com/cyb3rops/status/930565543362551808 https://t.co/oQxM4rhlVd https://www.hybrid-analysis.com/sample/07c44729e2c570b37db695323249474831f5861d45318bf49ccf5d2f5c8ea1cd?environmentId=100 https://twitter.com/cyb3rops/status/930557055806660613 https://twitter.com/cyb3rops/status/930554149825064960 https://twitter.com/cyb3rops/status/930552929802649600 https://t.co/hcI2YoIs8T https://t.co/oQxM4rhlVd https://www.virustotal.com/en/file/07c44729e2c570b37db695323249474831f5861d45318bf49ccf5d2f5c8ea1cd/analysis/ https://www.hybrid-analysis.com/sample/07c44729e2c570b37db695323249474831f5861d45318bf49ccf5d2f5c8ea1cd?environmentId=100 https://twitter.com/cyb3rops/status/930541956232613888 https://t.co/gAeg8xnbhv https://t.co/RyaWHLdVLZ https://www.virustotal.com/en/file/930118fdf1e6fbffff579e65e1810c8d91d4067cbbce798c5401cf05d7b4c911/analysis/ https://twitter.com/wxs/status/930510915841036288 https://twitter.com/cyb3rops/status/930488556082073600 https://t.co/Mn40yAiPul https://www.darkoperator.com/blog/2017/11/11/windows-defender-exploit-guard-asr-rules-for-office https://twitter.com/cyb3rops/status/930484601419689989 https://t.co/3F9UfYch5W https://securelist.com/apt-trends-report-q3-2017/83162/ https://twitter.com/cyb3rops/status/930370441289584640 https://t.co/O9ihSYCmQo https://zeltser.com/hybrid-analysis-acquired-by-crowdstrike/ https://twitter.com/cyb3rops/status/930334125860405251 https://twitter.com/cyb3rops/status/930149160447246337 https://t.co/C8NTPfHBQz http://www.hexacorn.com/blog/2013/05/16/uvwatauavawh-meet-the-pushy-string/ https://twitter.com/cyb3rops/status/929835432153681920 https://t.co/CBxhpmlGMm https://www.csoonline.com/article/3236721/security/homeland-security-team-remotely-hacked-a-boeing-757.html https://twitter.com/cyb3rops/status/929681326738956289 https://t.co/go6YgYqdZe https://github.com/Neo23x0/radiocarbon/blob/master/README.md https://twitter.com/cyb3rops/status/929635981082406912 
https://twitter.com/cyb3rops/status/929452419452473344 https://twitter.com/cyb3rops/status/929449739334111238 https://t.co/Vlp17F3r6e https://github.com/Neo23x0/radiocarbon https://twitter.com/cyb3rops/status/929393809418571776 https://t.co/Sj3YPFUqpS https://www.crowdstrike.com/blog/in-depth-analysis-of-the-ccleaner-backdoor-stage-2-dropper-and-its-payload/ https://twitter.com/cyb3rops/status/929393614186274816 https://t.co/dsyhcFCp4H http://securityblog.gr/4474/nginx-hardening-security-script/ https://twitter.com/cyb3rops/status/929337276626341889 https://t.co/ragesiTUr4 https://bogner.sh/2017/11/avgater-getting-local-admin-by-abusing-the-anti-virus-quarantine/ https://twitter.com/cyb3rops/status/929291884312309760 https://t.co/vt7XRCu84v https://researchcenter.paloaltonetworks.com/2017/11/unit42-new-malware-with-ties-to-sunorcal-discovered/ https://twitter.com/cyb3rops/status/929287846019715072 https://twitter.com/cyb3rops/status/929273105020747776 https://t.co/vqznSGlGSN https://www.iranhumanrights.org/2017/11/irgc-hackers-target-iranian-journalists-based-abroad-with-malware-campaign/ https://twitter.com/cyb3rops/status/929269133107236864 https://twitter.com/cyb3rops/status/929117746964639744 https://t.co/2t26KBV0to https://www.dropbox.com/sh/umip8ndplytwzj1/AADdLRsrpJL1CM1vPVAxc5JZa?dl=0&lst= https://twitter.com/cyb3rops/status/928987251396235264 https://twitter.com/cyb3rops/status/928951604929290240 https://t.co/EqSeNXw6I5 https://github.com/Neo23x0/sigma/blob/master/rules/windows/malware/win_mal_adwind.yml https://twitter.com/cyb3rops/status/928847689189650432 https://t.co/ArB8jKrtPL https://github.com/Neo23x0/sigma/blob/master/tools/config/logpoint-windows-all.yml https://twitter.com/cyb3rops/status/928762359736348674 https://twitter.com/cyb3rops/status/928709077743689734 https://t.co/zbIeo1BeXW https://reaqta.com/2017/11/short-journey-darkvnc/ https://twitter.com/cyb3rops/status/928707838679056385 https://t.co/YRyOgujl5u 
http://blog.virustotal.com/2017/11/malware-analysis-sandbox-aggregation.html https://twitter.com/cyb3rops/status/928621970291396608 https://t.co/tGicFyggHu https://www.syspass.org/index-en.html https://twitter.com/cyb3rops/status/928605149228093440 https://twitter.com/cyb3rops/status/928567254450626561 https://t.co/yU2TMgXKrb http://www.nextron-systems.com/ https://twitter.com/cyb3rops/status/928536132924723201 https://t.co/U0aEiIXRMb https://researchcenter.paloaltonetworks.com/2017/11/unit42-oilrig-deploys-alma-communicator-dns-tunneling-trojan/ https://twitter.com/cyb3rops/status/928535130863493120 https://twitter.com/cyb3rops/status/928529173127286784 https://t.co/eB1plrCHk2 https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_usb_device_plugged.yml https://twitter.com/cyb3rops/status/928512715395563520 https://t.co/97vP6SwF97 https://twitter.com/h0t_max/status/928269320064450560 https://twitter.com/cyb3rops/status/928384640980848640 https://twitter.com/cyb3rops/status/928380156644818944 https://twitter.com/cyb3rops/status/928377555857625088 https://t.co/c99wlvAuyu https://twitter.com/Hexacorn/status/928376997646143490 https://twitter.com/cyb3rops/status/928310688094732288 https://t.co/sVlPXaFBI4 https://t.co/3gsvkZ1Qle https://github.com/Neo23x0/signature-base/blob/master/yara/apt_bronze_butler.yar https://github.com/Neo23x0/sigma/blob/master/rules/proxy/proxy_ua_apt.yml https://twitter.com/cyb3rops/status/928163552489345029 https://t.co/JWlNzsZl2l https://t.co/B2QyZ3EWNU https://www.symantec.com/connect/blogs/sowbug-cyber-espionage-group-targets-south-american-and-southeast-asian-governments https://twitter.com/MalwareLion/status/928013331021160450 https://twitter.com/cyb3rops/status/928163050485637120 https://t.co/9OUkLaaskG https://blog.bufferapp.com/optimal-length-social-media https://twitter.com/cyb3rops/status/928157090878771200 https://t.co/hqhr4fiMAv 
https://www.bleepingcomputer.com/news/security/microsoft-releases-standards-for-highly-secure-windows-10-devices/ https://twitter.com/cyb3rops/status/928155904595329024 https://twitter.com/cyb3rops/status/928044245834981380 https://t.co/LagU7IUFxq https://t.co/VGan4zNZrq https://github.com/Neo23x0/sigma/blob/master/rules/proxy/proxy_download_susp_tlds_blacklist.yml https://github.com/Neo23x0/sigma/blob/master/rules/proxy/proxy_download_susp_tlds_whitelist.yml https://twitter.com/cyb3rops/status/928010775356231680 https://t.co/OxKueHr1t2 https://gchq.github.io/CyberChef/ https://twitter.com/cyb3rops/status/927997410592292864 https://t.co/BpDluEywAn https://securingtomorrow.mcafee.com/mcafee-labs/apt28-threat-group-adopts-dde-technique-nyc-attack-theme-in-latest-campaign/ https://twitter.com/cyb3rops/status/927948902703206401 https://t.co/tHf7tba9qk http://blog.trendmicro.com/trendlabs-security-intelligence/redbaldknightbronze-bulters-daserf-backdoor-now-using-steganography/ https://twitter.com/cyb3rops/status/927925115626680322 https://twitter.com/cyb3rops/status/927875830742691841 https://t.co/lE8UjLzg8W https://t.co/MUdPJqhI9w https://www.symantec.com/connect/blogs/shady-tld-research-gdn-and-our-2016-wrap https://promos.mcafee.com/en-US/PDF/MTMW_Report.pdf https://twitter.com/cyb3rops/status/927872023292010496 https://t.co/juG6AVBXjN https://www.bleepingcomputer.com/news/security/crypto-bugs-in-ieee-standard-expose-intellectual-property-in-plaintext/ https://twitter.com/cyb3rops/status/927840515260932096 https://t.co/BmwB8dbARG https://t.co/tc04YoXtRH https://www.cfr.org/interactive/cyber-operations?utm_medium=pitch&utm_source=poltico&utm_campaign=cyber-tracker https://docs.google.com/spreadsheets/d/1H9_xaxQHpWaa4O_Son4Gx0YOIzlcBWMsdvePFX68EKU/edit#gid=361554658 https://twitter.com/cyb3rops/status/927527937804562435 https://t.co/ZQsm3BCWYK https://github.com/Neo23x0/sigma/commits/master https://twitter.com/cyb3rops/status/927521151118663680 
https://twitter.com/cyb3rops/status/927177293243600896 https://t.co/uLJzw85TDD https://keybase.io/blog/encrypted-git-for-everyone#_ https://twitter.com/cyb3rops/status/927172613398548482 https://twitter.com/cyb3rops/status/926843920113389569 https://t.co/pPRaLoGmYt https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_office_shell.yml https://twitter.com/cyb3rops/status/926790499813355520 https://t.co/4TXTlNsjnz https://education.github.com/pack https://twitter.com/cyb3rops/status/926773407479341056 https://twitter.com/cyb3rops/status/926373328998359040 https://t.co/qIYCuEoCey http://www.clearskysec.com/leetmx/ https://twitter.com/cyb3rops/status/926372650385108992 https://t.co/35kloDjScb http://blog.talosintelligence.com/2017/11/zeus-panda-campaign.html https://twitter.com/cyb3rops/status/926371548155600896 https://t.co/oZjg0ErLLs https://researchcenter.paloaltonetworks.com/2017/11/unit42-recent-inpage-exploits-lead-multiple-malware-families/ https://twitter.com/cyb3rops/status/926212092868333568 https://t.co/kvKxvJkOAW https://youtu.be/k5ToL0J7uL0 https://twitter.com/cyb3rops/status/926172263694700544 https://t.co/RWPLDUeq4e http://www.pwc.co.uk/issues/cyber-security-data-privacy/research/the-keyboys-are-back-in-town.html https://twitter.com/cyb3rops/status/926153924767297537 https://t.co/SROJBb65Ra https://blog.g3rt.nl/upgrade-your-ssh-keys.html https://twitter.com/cyb3rops/status/925807448316895232 https://t.co/OH6rC0V2Ec https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_susp_process_creations.yml https://twitter.com/cyb3rops/status/925762009861369856 https://t.co/W42IiD3Aru https://securelist.com/the-silence/83009/ https://twitter.com/cyb3rops/status/925658787700146176 https://t.co/bkkv5AiEnY https://www.reuters.com/article/us-northkorea-missiles-cybercrime/north-korea-hacked-daewoo-shipbuilding-took-warship-blueprints-south-korea-lawmaker-idUSKBN1D00EX https://twitter.com/cyb3rops/status/925134669812830208 
https://t.co/B6REOkJPHN http://www.harmj0y.net/blog/redteaming/a-guide-to-attacking-domain-trusts/ https://twitter.com/cyb3rops/status/925020692122341376 https://t.co/cnPTsRmpKT https://securelist.com/gaza-cybergang-updated-2017-activity/82765/ https://twitter.com/cyb3rops/status/925020179918188545 https://t.co/fVV1lxAqIo https://www.welivesecurity.com/2017/10/30/windigo-ebury-update-2/ https://twitter.com/cyb3rops/status/925019772429000705 https://t.co/hbr8yVeAkT http://www.fireeye.com/blog/threat-research/2017/10/gocrack-managed-password-cracking-tool.html https://twitter.com/cyb3rops/status/924421334943322113 https://t.co/9IQ0YJyQCw https://www.sneakymonkey.net/2016/10/30/raspberrypi-nsm/ https://twitter.com/cyb3rops/status/924295758488227841 https://twitter.com/cyb3rops/status/924196940010737664 https://t.co/FjmG43yVDm https://github.com/Neo23x0/munin https://twitter.com/cyb3rops/status/924172219097473024 https://t.co/Lzb3gYUlMn https://www.bellingcat.com/resources/case-studies/2017/10/27/bahamut-revisited-cyber-espionage-middle-east-south-asia/ https://twitter.com/cyb3rops/status/923435637067395072 https://t.co/B4R635giRR https://github.com/Neo23x0/signature-base/blob/master/yara/crime_badrabbit.yar https://twitter.com/cyb3rops/status/923301914804084736 https://t.co/JRwbjAb2eq https://zealdocs.org/ https://twitter.com/cyb3rops/status/923257359476150272 https://t.co/2NfFJW2ALX https://medium.com/@cyb3rops/how-to-post-process-yara-rules-generated-by-yargen-121d29322282?source=linkShare-2fdc032a69b3-1508956476 https://twitter.com/cyb3rops/status/923255669758849024 https://twitter.com/cyb3rops/status/923116827345072129 https://t.co/JZrVrks6Mm https://www.hybrid-analysis.com/sample/2f8c54f9fa8e47596a3beff0031f85360e56840c77f71c6a573ace6f46412035?environmentId=100 https://twitter.com/cyb3rops/status/923099325084917762 https://twitter.com/cyb3rops/status/923081818013945856 https://t.co/B4R635giRR 
https://github.com/Neo23x0/signature-base/blob/master/yara/crime_badrabbit.yar https://twitter.com/cyb3rops/status/923077513374502912 https://t.co/Z0tOlxHRhS https://github.com/Neo23x0/sigma/blob/master/rules/proxy/proxy_susp_flash_download_loc.yml https://twitter.com/cyb3rops/status/922912838380765185 https://twitter.com/cyb3rops/status/922772958866796544 https://t.co/ozq1AHowBa http://www.fireeye.com/blog/threat-research/2017/10/fakenet-content-based-protocol-detection.html https://twitter.com/cyb3rops/status/922771271959678977 https://t.co/2ePQOZCCnP https://www.securitysift.com/abusing-microsoft-office-dde/ https://twitter.com/cyb3rops/status/922479192394158081 https://t.co/A9bUWT4HWL https://github.com/Neo23x0/signature-base/blob/master/yara/apt_sofacy_oct17_camp.yar https://twitter.com/cyb3rops/status/922467324711591936 https://t.co/OyAySRRwWl https://medium.com/@cyb3rops/how-to-post-process-yara-rules-generated-by-yargen-121d29322282 https://twitter.com/cyb3rops/status/922420320606277632 https://twitter.com/cyb3rops/status/922420052724473856 https://twitter.com/cyb3rops/status/922366163643981824 https://twitter.com/cyb3rops/status/922355461193682944 https://t.co/AhmTOHp7DC http://blog.talosintelligence.com/2017/10/cyber-conflict-decoy-document.html https://twitter.com/cyb3rops/status/922079492125978624 https://twitter.com/cyb3rops/status/922076248104472577 https://t.co/XVjztwRQAj https://medium.com/@cyb3rops/improving-yara-rules-from-ta17-293a-dc9ab6e1818b https://twitter.com/cyb3rops/status/921804875788374018 https://t.co/DZbENVGKJs https://github.com/Neo23x0/signature-base/blob/master/yara/thor_inverse_matches.yar https://twitter.com/cyb3rops/status/921799386962599936 https://t.co/Kmgece8CAw https://t.co/V3XIGkpJ18 https://github.com/Neo23x0/signature-base/blob/master/yara/apt_ta17_293A.yar https://github.com/Neo23x0/signature-base/commit/4755027693e851d6402d68e4f5dd316c0c43575a https://twitter.com/cyb3rops/status/921729629534212101 
https://twitter.com/cyb3rops/status/921713582630416384 https://t.co/UqDaLJN54h https://www.us-cert.gov/ncas/alerts/TA17-293A https://twitter.com/cyb3rops/status/921395705280942080 https://twitter.com/cyb3rops/status/920926410218328065 https://twitter.com/cyb3rops/status/920893578011971584 https://t.co/vTY8VLprJw http://www.bbc.com/news/technology-41640976 https://twitter.com/cyb3rops/status/920681272296517632 https://t.co/OcWt59w3Hc https://www.youtube.com/watch?v=uHnREsYu9Cs https://twitter.com/cyb3rops/status/920625772359974912 https://twitter.com/cyb3rops/status/920621166393483264 https://twitter.com/cyb3rops/status/920616947900874753 https://twitter.com/cyb3rops/status/920587566818168832 https://t.co/AZ5Et5Nq27 https://www.virustotal.com/en/file/def102f4764cde2e79bcf9dd44220219ee3742ca320b5a1302e533cf8a8699d2/analysis/ https://twitter.com/cyb3rops/status/920585041008308224 https://t.co/KKsbthGjOj https://2017.hack.lu/talks/#sigma---generic-signatures-for-log-events https://twitter.com/cyb3rops/status/920571036235714560 https://t.co/AT0EWkwt3s https://www.proofpoint.com/us/threat-insight/post/leviathan-espionage-actor-spearphishes-maritime-and-defense-targets https://twitter.com/cyb3rops/status/920402867445469189 https://t.co/aT1esBHzNO https://blog.malwarebytes.com/threat-analysis/2017/10/old-ms-office-feature-weaponized-in-malspam-attacks/ https://twitter.com/cyb3rops/status/920335667556765696 https://t.co/LO3JaUCYwH https://www.hybrid-analysis.com/sample/8ea59e8ba3a72d07c46015f54c90f0758bce5799e3014b6b02f2e9a32c7106e6?environmentId=100 https://twitter.com/cyb3rops/status/920331967731847168 https://t.co/h06pQkKdiJ https://github.com/Microsoft/DbgShell https://twitter.com/cyb3rops/status/920318010056953860 https://t.co/8koLBFLS72 https://blog.trendmicro.com/trendlabs-security-intelligence/a-closer-look-at-north-koreas-internet/ https://twitter.com/cyb3rops/status/920174604454330368 https://t.co/0uwEaSzDAw 
https://baesystemsai.blogspot.de/2017/10/taiwan-heist-lazarus-tools.html https://twitter.com/cyb3rops/status/919946074281988096 https://t.co/VOVQ63yEvi https://spl.ninja/2017/10/15/siem-use-cases-development-workflow-agile-all-the-things/ https://twitter.com/cyb3rops/status/919312287328079872 https://twitter.com/cyb3rops/status/919301072191148032 https://t.co/s4v7yImthp https://www.secureworks.com/research/bronze-butler-targets-japanese-businesses https://twitter.com/cyb3rops/status/919299294322098177 https://t.co/C8pSQSsriJ https://www.express.co.uk/news/uk/866305/uk-iran-cyber-attack-hacking-nuclear-deal-donald-trump-war-westminster https://twitter.com/cyb3rops/status/919173824104542208 https://t.co/g3Ld6bpR3A https://www.hybrid-analysis.com/sample/a6026baa4f4062b2bbf66dc3a3707f965e34271cdd3f00cae45f771e4b4b9013?environmentId=100 https://twitter.com/cyb3rops/status/919144727018172416 https://t.co/HAhpUQc1K5 https://twitter.com/Arno0x0x/status/918900305902829568 https://twitter.com/cyb3rops/status/918498101547208704 https://t.co/JMRRgJzCBF https://www.trustwave.com/Resources/SpiderLabs-Blog/Post-Soviet-Bank-Heists---A-Hybrid-Cybercrime-Study/ https://twitter.com/cyb3rops/status/918497047258558465 https://t.co/k5KoKLBYLE http://blog.talosintelligence.com/2017/10/disassembler-and-runtime-analysis.html https://twitter.com/cyb3rops/status/918496540968316929 https://t.co/7CuUABaCHr https://securingtomorrow.mcafee.com/mcafee-labs/njrat-hides-vbscript-evade-detection-keystrokes-stored-registry-entrykl-sends-cc-server/ https://twitter.com/cyb3rops/status/918448378161319941 https://twitter.com/cyb3rops/status/918035193491001344 https://twitter.com/cyb3rops/status/918034030020452357 https://t.co/NnruaQnftq http://www.intezer.com/north-korea-iran-use-codeproject-develop-malware/ https://twitter.com/cyb3rops/status/917787813063557122 https://t.co/HOc8UmAJcF https://twitter.com/0xpwntester/status/917734016052162560 https://twitter.com/cyb3rops/status/917678103136296960 
https://twitter.com/cyb3rops/status/917654070348992513 https://twitter.com/cyb3rops/status/917424112393510914 https://t.co/ozv7dyPJaH https://github.com/THIBER-ORG/userline/blob/master/README.md https://twitter.com/cyb3rops/status/917376007681781761 https://t.co/FjmG43yVDm https://github.com/Neo23x0/munin https://twitter.com/cyb3rops/status/917000585710272512 https://t.co/ykxyuTlLiH https://labs.mwrinfosecurity.com/blog/tasking-office-365-for-cobalt-strike-c2 https://twitter.com/cyb3rops/status/916933843638259712 https://t.co/mX2QfLvImJ https://blog.malwarebytes.com/101/2017/10/out-of-character-homograph-attacks-explained/ https://twitter.com/cyb3rops/status/916630898476572672 https://twitter.com/cyb3rops/status/916336382687301634 https://t.co/Rf3VAQCS3l https://www.siberas.de/blog/2017/10/05/exploitation_case_study_wild_pool_overflow_CVE-2016-3309_reloaded.html https://twitter.com/cyb3rops/status/916296440955265025 https://twitter.com/cyb3rops/status/916205245725859840 https://twitter.com/cyb3rops/status/916191780974026752 https://twitter.com/cyb3rops/status/916186366375026688 https://twitter.com/cyb3rops/status/915936466005643264 https://t.co/4Ek1YereLl https://researchcenter.paloaltonetworks.com/2017/10/unit42-freemilk-highly-targeted-spear-phishing-campaign/ https://twitter.com/cyb3rops/status/915911854597316608 https://t.co/rbYIrqNuvq https://t.co/rJ3S8H6Z8h https://streaming.brucon.org/ https://twitter.com/verovaleros/status/915864556211179522 https://twitter.com/cyb3rops/status/915836540626055175 https://twitter.com/cyb3rops/status/915812659517444097 https://twitter.com/cyb3rops/status/915716145210122240 https://twitter.com/cyb3rops/status/915621121504026624 https://t.co/0bZF4BEW1l https://www.arbornetworks.com/blog/asert/the-flusihoc-dynasty-a-long-standing-ddos-botnet/ https://twitter.com/cyb3rops/status/915604816403079168 https://t.co/fXgBBjcd37 https://t.co/Diqg8GMtWJ http://blog.burntsushi.net/ripgrep/ https://github.com/BurntSushi/ripgrep 
https://twitter.com/cyb3rops/status/915476298650308608 https://t.co/1W6RLNiFSE https://docs.google.com/document/d/e/2PACX-1vQr14CvYfnHORO0_vzlBleUvD9ApTIgjm-iL0eq7vUWnQrCF2eAr0hIGklJbQUaw56DVyW17vnjbHy1/pub https://twitter.com/cyb3rops/status/915472194582523905 https://t.co/ckEu524GDD https://www.scribd.com/document/346419905/Antivirus-Event-Analysis-CheatSheet-1-1 https://twitter.com/cyb3rops/status/915271143183015937 https://t.co/RAsMIOMT4P https://github.com/Neo23x0/signature-base/commits/master https://twitter.com/cyb3rops/status/915262657833439232 https://t.co/7IChjTbkOr http://hackerhurricane.blogspot.com/2017/09/microsoft-is-breaking-our-security.html https://twitter.com/cyb3rops/status/915167084535062529 https://t.co/3gsvkZjrJO https://github.com/Neo23x0/sigma/blob/master/rules/proxy/proxy_ua_apt.yml https://twitter.com/cyb3rops/status/915135877709549568 https://twitter.com/cyb3rops/status/914851608885911554 https://t.co/uYfbteWazc https://researchcenter.paloaltonetworks.com/2017/09/unit42-striking-oil-closer-look-adversary-infrastructure/ https://twitter.com/cyb3rops/status/914845771979198464 https://twitter.com/cyb3rops/status/914108132556754944 https://t.co/v0gbnd9FKk https://t.co/POaPUe33zJ http://michenriksen.com/blog/aquatone-tool-for-domain-flyovers/ https://twitter.com/michenriksen/status/914083894458232834 https://twitter.com/cyb3rops/status/913828322030882817 https://twitter.com/cyb3rops/status/913826608758317056 https://t.co/9p5YI3ZF6c https://pastebin.com/U4wJcjLZ https://twitter.com/cyb3rops/status/913819728287862784 https://twitter.com/cyb3rops/status/913817699926597632 https://twitter.com/cyb3rops/status/913817140129656832 https://twitter.com/cyb3rops/status/913784169498599424 https://t.co/J6xddhaP0U https://blog.malwarebytes.com/threat-analysis/2017/09/elaborate-scripting-fu-used-in-espionage-attack-against-saudi-arabia-government_entity/ https://twitter.com/cyb3rops/status/913674458216501248 https://t.co/9rn4iVycqd 
https://twitter.com/Jhaddix/status/913537538731556864 https://twitter.com/cyb3rops/status/913431103616307207 https://t.co/PCLouOmbF3 https://isc.sans.edu/diary.html https://twitter.com/cyb3rops/status/913295377876619265 https://t.co/IdyBgo7Bsx http://blog.jpcert.or.jp/2017/09/chase-up-datper-bba7.html https://twitter.com/cyb3rops/status/912693519332102144 https://twitter.com/cyb3rops/status/912685870175703040 https://t.co/NrYZBqNnWG https://securelist.com/a-simple-example-of-a-complex-cyberattack/82636/ https://twitter.com/cyb3rops/status/912443051473326085 https://t.co/XHD2XcZiaz https://researchcenter.paloaltonetworks.com/2017/09/unit42-analyzing-various-layers-agentteslas-packing/ https://twitter.com/cyb3rops/status/912399374398914562 https://t.co/Nj0kZpJcsd https://www.humblebundle.com/books/hacking-reloaded-books https://twitter.com/cyb3rops/status/911670695897255937 https://twitter.com/cyb3rops/status/911602655348297730 https://t.co/OxKueHr1t2 https://t.co/POQ4aVjKOG https://gchq.github.io/CyberChef/ https://github.com/gchq/CyberChef https://twitter.com/cyb3rops/status/911600994445877248 https://t.co/a6hRFg5nA2 https://t.co/oxuDesey2Y https://www.virustotal.com/en/file/4ab7802d49f9a930d7f8a6f8a1606a54fe7b2d61e754cdb3f3aa8574091d213e/analysis/ https://github.com/Neo23x0/signature-base/blob/master/yara/gen_case_anomalies.yar https://twitter.com/cyb3rops/status/911173669166239744 https://t.co/W3II3QLEuG https://t.co/RMJtkOJ13g https://www.elastic.co/guide/en/x-pack/current/xpack-introduction.html https://twitter.com/blubbfiction/status/911136969593380864 https://twitter.com/cyb3rops/status/910619157623951361 https://twitter.com/cyb3rops/status/910558172871630849 https://t.co/oxuDesey2Y https://github.com/Neo23x0/signature-base/blob/master/yara/gen_case_anomalies.yar https://twitter.com/cyb3rops/status/910379826095230976 https://twitter.com/cyb3rops/status/910199880714477568 https://twitter.com/cyb3rops/status/910026097202429952 https://t.co/1xA30x2Q8O 
https://github.com/Neo23x0/signature-base/blob/master/yara/exploit_cve_2017_8759.yar#L73 https://twitter.com/cyb3rops/status/909822007004614658 https://t.co/HGYa6WqoP1 https://securelist.com/an-undocumented-word-feature-abused-by-attackers/81899/ https://twitter.com/cyb3rops/status/909689961041006597 https://t.co/6BrWwuR263 https://blog.fortinet.com/2017/09/15/deep-analysis-of-new-poison-ivy-plugx-variant-part-ii https://twitter.com/cyb3rops/status/909689585940205568 https://t.co/uFLXBF6s8X https://www.trustwave.com/Resources/SpiderLabs-Blog/Introducing-Burplay,-A-Burp-Extension-for-Detection-Privilege-Escalations/ https://twitter.com/cyb3rops/status/909687790937493504 https://t.co/Xx1vycJlRp https://isc.sans.edu/diary/rss/22832 https://twitter.com/cyb3rops/status/908761829240901632 https://t.co/7QQpygfksp https://github.com/Neo23x0/signature-base/blob/master/yara/exploit_cve_2017_8759.yar https://twitter.com/cyb3rops/status/908695992064757760 https://t.co/VJexVVefyu https://researchcenter.paloaltonetworks.com/2017/09/unit42-palo-alto-networks-discovers-new-qemu-vulnerability/ https://twitter.com/cyb3rops/status/908674866987094016 https://twitter.com/cyb3rops/status/908670776433414145 https://t.co/7Og9i2kLJg https://hastebin.com https://twitter.com/cyb3rops/status/908649187948015616 https://twitter.com/cyb3rops/status/908604238808436736 https://t.co/LJoZSgiDcE https://www.elastic.co/blog/logstash-5-6-0-released https://twitter.com/cyb3rops/status/908585352973160448 https://t.co/438CtEFV2Q https://digital-forensics.sans.org/blog/2017/09/13/malware-analysis-cheat-sheets https://twitter.com/cyb3rops/status/908583118021496832 https://t.co/wF8OcQpgDG https://www.mdsec.co.uk/2017/09/exploiting-cve-2017-8759-soap-wsdl-parser-code-injection/ https://twitter.com/cyb3rops/status/908462452018466817 https://t.co/l51KXZEp0u https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/september/decoder-improved-burp-suite-plugin-release-part-1/ 
https://twitter.com/cyb3rops/status/908414271532519424 https://t.co/y9KvOu5xPJ https://www.eideon.com/2017-09-09-THL01-Mimikatz/ https://twitter.com/cyb3rops/status/908355490903678977 https://t.co/NVHnymcgmJ https://t.co/DGP1SN86VU https://github.com/DCSO/vulninfos/blob/master/ApacheStrutsVulnerabilities/Readme.md https://twitter.com/DCSO_de/status/908346766038372352 https://twitter.com/cyb3rops/status/908042865380515840 https://t.co/etiUoLQaGP http://www.intezer.com/new-variants-of-agent-btz-comrat-found-part-2/ https://twitter.com/cyb3rops/status/907690390719004672 https://twitter.com/cyb3rops/status/907493951623528448 https://t.co/jNZRT6dWuB https://www.virustotal.com/en/file/29a37b8bf404d0595e6ffc246f1cd2bfdb521b54eeb58fbc9a1d0617bdd7965f/analysis/ https://twitter.com/cyb3rops/status/907371581256728576 https://twitter.com/cyb3rops/status/907370829733941248 https://t.co/oxuDesey2Y https://github.com/Neo23x0/signature-base/blob/master/yara/gen_case_anomalies.yar https://twitter.com/cyb3rops/status/907341754566938624 https://t.co/caO4wT4jfS https://medium.com/@br4nsh/from-linux-to-ad-10efb529fae9 https://twitter.com/cyb3rops/status/907236450248413190 https://t.co/x9SUUBK4FG https://www.hybrid-analysis.com/sample/3b66f0172d5700924f4749db2b7a6f07eb5b5a18033dc379e48d938789f6bf75?environmentId=100 https://twitter.com/cyb3rops/status/907197150571966464 https://t.co/rzk0tfuz8N https://www.virustotal.com/en/file/f672db7182c79977ac46db4bc0817890e87c58e1e0f6f6e2d8081258cf3bba11/analysis/ https://twitter.com/cyb3rops/status/907145793760632832 https://twitter.com/cyb3rops/status/907133139176361984 https://twitter.com/cyb3rops/status/906452190868525056 https://t.co/2aNAP7jpaj https://phishme.com/nanocore-variant-delivered-uue-files/ https://twitter.com/cyb3rops/status/906409437249843200 https://t.co/zMTcMfjT4n https://krebsonsecurity.com/2017/09/equifax-breach-response-turns-dumpster-fire/ https://twitter.com/cyb3rops/status/906206969266143233 https://t.co/mZgvHoHr00 
https://github.com/cyberark/ACLight/blob/master/README.md https://twitter.com/cyb3rops/status/906131685846249474 https://twitter.com/cyb3rops/status/906047153872699392 https://t.co/e3fQt952Ih https://zeltser.com/reverse-engineering-malicious-code-tips/ https://twitter.com/cyb3rops/status/906046891414126593 https://t.co/oxquB57fm4 https://blog.malwarebytes.com/101/2017/09/google-reminds-website-owners-to-move-to-https-before-october-deadline/amp/ https://twitter.com/cyb3rops/status/906038950569148416 https://t.co/OhaebSBB6d https://www.youtube.com/watch?v=q7VZtCUphgg&feature=share https://twitter.com/cyb3rops/status/906037923061129216 https://t.co/QJG560Hpnj https://privacypolicies.com/blog/eu-cookie-law/ https://twitter.com/cyb3rops/status/905851250155118592 https://t.co/J780CUx5xx http://blog.trendmicro.com/trendlabs-security-intelligence/emotet-returns-starts-spreading-via-spam-botnet/ https://twitter.com/cyb3rops/status/905761862339497984 https://t.co/zWRSM5tGsL https://github.com/SwiftOnSecurity/sysmon-config/pulls https://twitter.com/cyb3rops/status/905539542505140226 https://t.co/mOe3A3XiKP http://blog.talosintelligence.com/2017/09/vulnerability-spotlight-content.html?m=1 https://twitter.com/cyb3rops/status/905455727166279680 https://t.co/WNzjQ6ZnZD http://www.austintaylor.io/mitre/attack/matrix/flattened/threat/actor/mapping/2017/09/05/flattened-mitre-attack-matrix/ https://twitter.com/cyb3rops/status/905453588540948482 https://t.co/9TXj4z9lIL https://researchcenter.paloaltonetworks.com/2017/09/unit42-analysing-10-year-old-snowball/ https://twitter.com/cyb3rops/status/905189192992509952 https://t.co/Uiz6UZndDN https://blog.fortinet.com/2017/09/05/rehashed-rat-used-in-apt-campaign-against-vietnamese-organizations https://twitter.com/cyb3rops/status/905189066353803264 https://t.co/hEEqs5vgo8 https://breakingmalware.com/documentation/windows-pssetloadimagenotifyroutine-callbacks-good-bad-unclear-part-1/ https://twitter.com/cyb3rops/status/905188618066677766 
https://t.co/0Z5xt2lTBw https://blog.hboeck.de/archives/889-Abandoned-Domain-Takeover-as-a-Web-Security-Risk.html https://twitter.com/cyb3rops/status/905147011443421185 https://t.co/caSdPu1RVv https://twitter.com/h0ng10/status/905144042417213440 https://twitter.com/cyb3rops/status/904831593977708548 https://t.co/3creCXVnxP https://securingtomorrow.mcafee.com/mcafee-labs/emotet-trojan-acts-as-loader-spreads-automatically/#sf110921556 https://twitter.com/cyb3rops/status/904814376447815680 https://t.co/34yGd6lTF3 http://www.fireeye.com/blog/threat-research/2017/08/monitoring-windows-console-activity-part-two.html https://twitter.com/cyb3rops/status/904814318864277504 https://t.co/W6Zpqcgq4q https://www.fireeye.com/blog/threat-research/2017/08/monitoring-windows-console-activity-part-one.html https://twitter.com/cyb3rops/status/904813414224146432 https://t.co/SIFG31up8U https://blog.fortinet.com/2017/09/01/powerpoint-file-armed-with-cve-2017-0199-and-uac-bypass https://twitter.com/cyb3rops/status/904813245436964864 https://t.co/uTVgzE2yMl http://www.swiftforensics.com/2017/09/releasing-macapt-macos-artifact-parsing.html?m=1 https://twitter.com/cyb3rops/status/904811459930095617 https://t.co/pGb3XXhaEw https://techanarchy.net/2017/09/hunting-pastebin-with-pastehunter/ https://twitter.com/cyb3rops/status/903703861000589313 https://twitter.com/cyb3rops/status/903680437163352064 https://twitter.com/cyb3rops/status/903539771934433280 https://t.co/6JyejknyST https://www.zscaler.com/blogs/research/cobian-rat-backdoored-rat https://twitter.com/cyb3rops/status/903301341870792704 https://t.co/s0v7EAiezZ https://researchcenter.paloaltonetworks.com/2017/08/unit42-updated-khrat-malware-used-in-cambodia-attacks/ https://twitter.com/cyb3rops/status/902961458316705793 https://t.co/lduiJkmSCO https://securelist.com/introducing-whitebear/81638/ https://twitter.com/cyb3rops/status/902934898700320770 https://t.co/jbPaEQZRG5 https://illuminatejs.com/ 
https://twitter.com/cyb3rops/status/902846336336265216 https://t.co/7Ve8QqdPDI https://translate.google.com/translate?sl=auto&tl=en&js=y&prev=_t&hl=en&ie=UTF-8&u=http%3A%2F%2Fblog.macnica.net%2Fblog%2F2017%2F08%2Fpost-fb81.html&edit-text= https://twitter.com/cyb3rops/status/902574365602004992 https://twitter.com/cyb3rops/status/902570061482795008 https://twitter.com/cyb3rops/status/902519370605309953 https://t.co/YZtk9WbHZf https://www.proofpoint.com/us/threat-insight/post/operation-rat-cook-chinese-apt-actors-use-fake-game-thrones-leaks-lures https://twitter.com/cyb3rops/status/902495302984376321 https://twitter.com/cyb3rops/status/902424651489562624 https://t.co/DjaIpR99Yf https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_susp_regsvr32_anomalies.yml https://twitter.com/cyb3rops/status/902282378617475072 https://t.co/EBMxhZ2c9k https://twitter.com/trustedsec/status/901262314640429057 https://twitter.com/cyb3rops/status/902087765772382209 https://t.co/tEkULz3Hss https://t.co/qfaBx4zyEj https://www.glasswire.com https://forum.glasswire.com/t/feature-comparison-of-basic-pro-elite-versions/1063/4 https://twitter.com/cyb3rops/status/902045643329462272 https://t.co/tEkULz3Hss https://www.glasswire.com https://twitter.com/cyb3rops/status/901868490046525441 https://t.co/0mtqz7MyMu https://www.obdev.at/products/littlesnitch/index.html https://twitter.com/cyb3rops/status/901543188367900672 https://t.co/nC3HxKqK3x https://www.hybrid-analysis.com/sample/f34da6d84a9663928606894fbc494cd9bf2f03c98cf0c775462802558d3a50ef?environmentId=100 https://twitter.com/cyb3rops/status/901455330185535488 https://t.co/iZKVqaIwm3 http://h20565.www2.hpe.com/hpsc/doc/public/display?docId=hpesbhf03769en_us https://twitter.com/cyb3rops/status/901346212632289280 https://t.co/oQ5ksrBzv3 https://www.cbsnews.com/news/yu-pingan-chinese-national-arrested-hacking-conspiracy-sakura/ https://twitter.com/cyb3rops/status/901346099339853825 https://t.co/Hca0wELPVT 
https://foxglovesecurity.com/2017/08/25/abusing-token-privileges-for-windows-local-privilege-escalation/amp/ https://twitter.com/cyb3rops/status/901021642683547648 https://twitter.com/cyb3rops/status/901017203843227649 https://twitter.com/cyb3rops/status/900744533012598784 https://twitter.com/cyb3rops/status/900701200303214593 https://t.co/KeeqlCtuuq https://t.co/piQbOPn2Yb https://www.siberas.de/blog/2017/08/24/sjet_siberas_jmx_exploitation_toolkit.html https://github.com/siberas/sjet https://twitter.com/cyb3rops/status/900690485546823686 https://t.co/uxliuLkDc5 http://seclist.us/visualbasicobfuscator-visual-basic-script-obfuscator-for-penetration-testing.html https://twitter.com/cyb3rops/status/900044469478854657 https://t.co/VhnIC69XFT https://github.com/extr0py/oni/blob/master/README.md https://twitter.com/cyb3rops/status/900023699293827072 https://t.co/SQsXgvHwnQ http://www.zdnet.com/article/wannacry-ransomware-attack-at-lg-electronics-takes-systems-offline/ https://twitter.com/cyb3rops/status/899895616549113856 https://t.co/ZbFWDiBKNh http://carnal0wnage.attackresearch.com/2017/08/certutil-for-delivery-of-files.html https://twitter.com/cyb3rops/status/899895191502499842 https://t.co/oXiW8VHsRn http://blog.trendmicro.com/trendlabs-security-intelligence/cryptocurrency-miner-uses-wmi-eternalblue-spread-filelessly/ https://twitter.com/cyb3rops/status/899877243052326913 https://t.co/ZABzuE9PVo http://www.elastic.co/blog/index-sorting-elasticsearch-6-0 https://twitter.com/cyb3rops/status/899876793779408897 https://t.co/FZztVgriFp https://phishme.com/zeus-pandas-modular-functions-provide-insight-botnet-malware-capabilities/ https://twitter.com/cyb3rops/status/899657661947498499 https://t.co/NcORKTqTga https://www.hybrid-analysis.com/sample/a112274e109c5819d54aa8de89b0e707b243f4929a83e77439e3ff01ed218a35?environmentId=100 https://twitter.com/cyb3rops/status/899655729803665409 https://t.co/B0IVawy3KO https://twitter.com/eyalsela/status/899654584662056960 
https://twitter.com/cyb3rops/status/899652921427546112 https://t.co/2o86lZoqpu https://t.co/mX0QT3dIXz https://github.com/Neo23x0/signature-base/blob/master/yara/apt_tick_datper.yar http://blog.jpcert.or.jp/2017/08/detecting-datper-malware-from-proxy-logs.html https://twitter.com/cyb3rops/status/899650538052124672 https://twitter.com/cyb3rops/status/898938624468815872 https://t.co/TVbKRBZH6g https://www.elastic.co/blog/analyzing-network-packets-with-wireshark-elasticsearch-and-kibana https://twitter.com/cyb3rops/status/898804770332332033 https://t.co/2DiMUD0ISo https://isc.sans.edu/forums/diary/tshark+24+New+Feature+Command+Line+Export+Objects/22734/ https://twitter.com/cyb3rops/status/898575400653271041 https://t.co/9Bh2LbYYq1 https://blog.malwarebytes.com/cybercrime/2017/08/inside-kronos-malware/ https://twitter.com/cyb3rops/status/898304478910316544 https://t.co/mVdqLsJBsq https://github.com/TravisFSmith/SweetSecurity/blob/2.0/README.md https://twitter.com/cyb3rops/status/898301693112307712 https://t.co/0uTnj6c9J5 https://github.com/cliffe/SecGen https://twitter.com/cyb3rops/status/897507789198815235 https://t.co/3cqMw8PYxC https://blog.fortinet.com/2017/08/15/a-quick-look-at-a-new-konni-rat-variant https://twitter.com/cyb3rops/status/897414231993311232 https://t.co/QmfJ8NY1Bu https://github.com/Neo23x0/Loki/releases https://twitter.com/cyb3rops/status/897365513118076928 https://t.co/FQkTm0ONYI https://github.com/Cisco-Talos/pyrebox https://twitter.com/cyb3rops/status/897363514892972032 https://t.co/pxAF79GTmh http://www.forensickb.com/2017/08/i-have-updated-enscript-to-send-hash.html https://twitter.com/cyb3rops/status/897363327881498624 https://t.co/cnaH78KLbD http://dfstream.blogspot.de/2017/08/memory-acquisition-and-virtual-secure.html?m=1 https://twitter.com/cyb3rops/status/897185907807326208 https://t.co/dXgjXFruyB https://github.com/Neo23x0/yarGen/releases https://twitter.com/cyb3rops/status/897009073534775296 https://t.co/gXAQucrhfb 
https://gist.github.com/pingec/7b391a04412a7034bfb6 https://twitter.com/cyb3rops/status/897004945890832386 https://twitter.com/cyb3rops/status/897003301568483328 https://twitter.com/cyb3rops/status/897002750906687489 https://t.co/KgnEJ6xib9 https://t.co/gXAQucrhfb https://blogs.technet.microsoft.com/jonathantrull/2016/10/03/detecting-sticky-key-backdoors/ https://gist.github.com/pingec/7b391a04412a7034bfb6 https://twitter.com/cyb3rops/status/896844350335930368 https://t.co/doIa3g6fLE https://github.com/donnemartin/gitsome https://twitter.com/cyb3rops/status/896320847627026434 https://t.co/TsRCZxoiNT https://asciinema.org/a/129227 https://twitter.com/cyb3rops/status/896244711542968320 https://t.co/3r8gAIKmsV http://seclist.us/hostbase-a-bash-script-for-advanced-rogue-ap-attack.html https://twitter.com/cyb3rops/status/896085453266239488 https://t.co/87OD1e0Chk https://adsecurity.org/?p=3719 https://twitter.com/cyb3rops/status/896084914755457026 https://t.co/6jC38Tz1Si http://www.labofapenetrationtester.com/2017/08/week-of-evading-microsoft-ata-day5.html https://twitter.com/cyb3rops/status/896084609217069056 https://t.co/x1795ffjoI https://isc.sans.edu/diary/rss/22706 https://twitter.com/cyb3rops/status/896029758118612992 https://t.co/jMkTKIOK9k https://twitter.com/TheHackersNews/status/895936579272712192 https://twitter.com/cyb3rops/status/895386661776961538 https://t.co/LXcHr1ZsH1 https://english.aawsat.com/n-al-rasheed/news-middle-east/saudi-arabia/saudi-national-cyber-security-detects-unconventional-malware/amp https://twitter.com/cyb3rops/status/895024725730238464 https://t.co/ZMUfxajW0s https://www.malwaresoup.com/sysmon-and-neo4j/ https://twitter.com/cyb3rops/status/894966313768157184 https://t.co/qRZEy6hQV8 https://nakedsecurity.sophos.com/2017/08/08/microsoft-issues-out-of-band-security-updates-for-outlook-office/amp/ https://twitter.com/cyb3rops/status/894965740431921155 https://t.co/3CNZ0II3j7 
http://googleprojectzero.blogspot.com/2017/08/windows-exploitation-tricks-arbitrary.html https://twitter.com/cyb3rops/status/894964942004269057 https://t.co/L5sb8jhAdM http://www.labofapenetrationtester.com/2017/08/week-of-evading-microsoft-ata-day2.html https://twitter.com/cyb3rops/status/894929958392528896 https://twitter.com/cyb3rops/status/894926821917110273 https://t.co/opEyT2tgSn https://www.virustotal.com https://twitter.com/cyb3rops/status/894861742945308672 https://t.co/rTqC9Lo5tb http://www.labofapenetrationtester.com/2017/08/week-of-evading-microsoft-ata-day1.html https://twitter.com/cyb3rops/status/894812588407705600 https://twitter.com/cyb3rops/status/894478751274344448 https://t.co/QfE3u2Hsay https://t.co/D9JVmROi76 https://github.com/Neo23x0/sigma/blob/master/rules/web/web_django_security.yml https://www.bsk-consulting.de/2017/07/06/the-best-possible-monitoring-with-sigma-rules/ https://twitter.com/cyb3rops/status/894286341533519872 https://twitter.com/cyb3rops/status/893853861038915584 https://t.co/zeitMiJcgS https://github.com/Neo23x0/sigma/tree/master/rules/windows/ https://twitter.com/cyb3rops/status/893796039907569664 https://t.co/zwGaOewcEa https://twitter.com/angealbertini/status/893486155353792512 https://twitter.com/cyb3rops/status/893565639125737472 https://t.co/UHE40bVoVS http://blog.jpcert.or.jp/2017/08/what-the-avalanche-botnet-takedown-revealed-banking-trojan-infection-in-japan.html https://twitter.com/cyb3rops/status/893563154155708416 https://t.co/RQMHaVH8aD https://www.mdsec.co.uk/2017/08/introducing-angrypuppy/ https://twitter.com/cyb3rops/status/893232443792216073 https://t.co/b2YK2voMLF https://www.proofpoint.com/us/threat-insight/post/fin7carbanak-threat-actor-unleashes-bateleur-jscript-backdoor https://twitter.com/cyb3rops/status/893222535650828292 https://t.co/o9wB95TOwu https://research.trust.salesforce.com/Open-Sourcing-JA3-TLS-Fingerprinting/ https://twitter.com/cyb3rops/status/893189620862726144 https://t.co/XVYHgV5Dd8 
http://thehackernews.com/2017/08/marcus-hutchins-arrested-fbi.html?m=1 https://twitter.com/cyb3rops/status/893142401933561856 https://t.co/7tH9blUO3j https://www.blackhillsinfosec.com/monitor-network-traffic-virtualized-bro-2-51-ubuntu-16-04-2-esxi-6-5/ https://twitter.com/cyb3rops/status/893141178144706561 https://t.co/dXM1krF1gM https://enigma0x3.net/2017/08/03/wsh-injection-a-case-study/ https://twitter.com/cyb3rops/status/893140823683903488 https://t.co/Xj4E9nz0Hh https://www.engadget.com/2017/08/03/password-pwned-protection-troy-hunt-306-million-breach/ https://twitter.com/cyb3rops/status/893010476069736449 https://t.co/VVqnGnteb3 https://github.com/Neo23x0/Loki https://twitter.com/cyb3rops/status/893002878033567744 https://t.co/JLeIHIOqsx https://t.co/Eimm1cT6yV http://ExpiredDomains.net https://github.com/t94j0/AIRMASTER https://twitter.com/cyb3rops/status/892790585547001856 https://t.co/wqMDiPUCtZ http://blog.trendmicro.com/trendlabs-security-intelligence/look-js_powmet-completely-fileless-malware/ https://twitter.com/cyb3rops/status/892789874885054464 https://t.co/MZfRiBmuzI https://blog.malwarebytes.com/cybercrime/2017/08/enemy-at-the-gates-reviewing-the-magnitude-exploit-kit-redirection-chain/ https://twitter.com/cyb3rops/status/892641350046420992 https://t.co/EgM1ZCLbTm https://t.co/xCug4PL6dG https://researchcenter.paloaltonetworks.com/2017/08/unit42-prince-persia-ride-lightning-infy-returns-foudre/ https://github.com/Neo23x0/signature-base/blob/master/yara/apt_foudre.yar https://twitter.com/cyb3rops/status/892431982281535488 https://t.co/UKFig98JUT http://blog.trendmicro.com/trendlabs-security-intelligence/chessmaster-cyber-espionage-campaign/ https://twitter.com/cyb3rops/status/892021213396172801 https://t.co/bSMKESrDdP https://researchcenter.paloaltonetworks.com/2017/07/unit42-twoface-webshell-persistent-access-point-lateral-movement/ https://twitter.com/cyb3rops/status/892006882377953280 https://t.co/Wb3PSjziKH 
https://github.com/PUNCH-Cyber/YaraGuardian https://twitter.com/cyb3rops/status/891948597184430080 https://t.co/r7rWkLqlDZ https://twitter.com/MDSecLabs/status/884437618062229504 https://twitter.com/cyb3rops/status/891914695522885632 https://t.co/5Ri1OLb5RK https://twitter.com/jaredhaight/status/891739044056518656 https://twitter.com/cyb3rops/status/891733325383180290 https://t.co/8ihdfGVT5l https://isc.sans.edu/diary/rss/22662 https://twitter.com/cyb3rops/status/891277567281569792 https://t.co/I1A1XMokmu https://twitter.com/HackwithGithub/status/891274612058845185 https://twitter.com/cyb3rops/status/891258144168476672 https://twitter.com/cyb3rops/status/891254479424823296 https://t.co/F1FuKleuTB https://www.forbes.com/sites/thomasbrewster/2017/07/27/iran-hackers-oilrig-use-fake-personas-on-facebook-linkedin-for-cyberespionage/#77d9cbb149af https://twitter.com/cyb3rops/status/891253880734052352 https://twitter.com/cyb3rops/status/891237058433470464 https://t.co/Iv4542sWvI https://blog.didierstevens.com/2017/07/28/analyzing-password-dumps-with-my-tools-part-1/amp/ https://twitter.com/cyb3rops/status/890966319264354304 https://t.co/xY4SYeLcxW https://github.com/xoreaxeaxeax/sandsifter https://twitter.com/cyb3rops/status/890965672460771329 https://t.co/A8cacavwZ4 https://ring.cx/en/news https://twitter.com/cyb3rops/status/890964927028047873 https://t.co/Ci2maazlxd https://arstechnica.com/?p=1126335 https://twitter.com/cyb3rops/status/890698214659289089 https://t.co/aOMPMIcRoZ https://researchcenter.paloaltonetworks.com/2017/07/unit42-oilrig-uses-ismdoor-variant-possibly-linked-greenbug-threat-group/ https://twitter.com/cyb3rops/status/890696409543999488 https://t.co/fcCgVjfUiY https://blog.comae.io/the-shadow-brokers-cyber-fear-game-changers-d143796f560f?source=rss-bac3a09af3b4------2 https://twitter.com/cyb3rops/status/890696241599959040 https://t.co/vSKWOPLqrW https://suricata-ids.org/2017/07/27/suricata-4-0-released/ 
https://twitter.com/cyb3rops/status/890695622319276033 https://twitter.com/cyb3rops/status/890614242935676928 https://t.co/hZzo0cma8y https://www.secureworks.com/research/the-curious-case-of-mia-ash https://twitter.com/cyb3rops/status/890308464869871616 https://twitter.com/cyb3rops/status/890246592997011458 https://t.co/m6xffJY3Kw https://medium.com/@jberggren/timeline-analysis-from-the-future-59a7ad7da498 https://twitter.com/cyb3rops/status/890245032300728322 https://t.co/XdInzvtP10 https://www.infocyte.com/blog/2017/7/10/red-teams-advance-in-memory-evasion-tradecraft https://twitter.com/cyb3rops/status/890122041805897730 https://t.co/JeOZrWQMKi https://t.co/wfl87qJNpH http://www.clearskysec.com/tulip/ https://github.com/Neo23x0/signature-base/blob/master/yara/apt_wilted_tulip.yar https://twitter.com/cyb3rops/status/890095869567094786 https://t.co/jhVvNm8ce4 https://securelist.com/spring-dragon-updated-activity/79067/ https://twitter.com/cyb3rops/status/890075157833953281 https://t.co/QmfJ8NY1Bu https://github.com/Neo23x0/Loki/releases https://twitter.com/cyb3rops/status/890056665327915009 https://t.co/lDvbelmZ7D https://t.co/Vnww3o7AH5 https://medium.com/airbnb-engineering/binaryalert-real-time-serverless-malware-detection-ca44370c1b90 https://github.com/airbnb/binaryalert https://twitter.com/cyb3rops/status/889841848373710848 https://twitter.com/cyb3rops/status/889830222102749184 https://t.co/p3Tcc9AIUe https://blog.sourcetreeapp.com/ https://twitter.com/cyb3rops/status/889532076428599296 https://t.co/BYjgzo2ULs http://blog.talosintelligence.com/2017/07/template-injection.html https://twitter.com/cyb3rops/status/888786308675588096 https://twitter.com/cyb3rops/status/888785784312127489 https://t.co/uspOy5aT2H http://IPM.Note.abc https://twitter.com/cyb3rops/status/888781239431385089 https://twitter.com/cyb3rops/status/888775015646334976 https://twitter.com/cyb3rops/status/888524717530923008 https://t.co/SnQV36csU8 
https://github.com/Neo23x0/Loki/blob/master/tools/vt-checker-hosts.py https://twitter.com/cyb3rops/status/888383105635102720 https://t.co/QkQ16kicvX https://attack.mitre.org/wiki/Main_Page https://twitter.com/cyb3rops/status/888175435540025344 https://twitter.com/cyb3rops/status/887791781387137025 https://t.co/0GL20lMebn https://securingtomorrow.mcafee.com/mcafee-labs/analyzing-cve-2017-9791-apache-struts-vulnerability-can-lead-remote-code-execution/ https://twitter.com/cyb3rops/status/887745772283973634 https://t.co/yfafoqScaO https://twitter.com/cyberberke/status/885028083639734273 https://twitter.com/cyb3rops/status/887694355120738304 https://twitter.com/cyb3rops/status/887692697502461952 https://twitter.com/cyb3rops/status/887689708465246208 https://t.co/XUd5WRAKnS http://defcon.outel.org/ https://twitter.com/cyb3rops/status/887350182534406144 https://twitter.com/cyb3rops/status/887320451806003202 https://t.co/4HIj7e7zRC https://www.justice.gov/opa/pr/two-iranian-nationals-charged-hacking-vermont-software-company https://twitter.com/cyb3rops/status/887084944459145216 https://twitter.com/cyb3rops/status/887029257448378369 https://t.co/EYArxhKqna https://www.humblebundle.com/books/cybersecurity-wiley https://twitter.com/cyb3rops/status/886727040229146624 https://twitter.com/cyb3rops/status/886358799384227840 https://t.co/FIkoLE6QBK https://t.co/agUIy1qg83 https://github.com/Neo23x0/Loki/blob/master/tools/vt-checker.py https://www.fireeye.com/blog/threat-research/2014/01/tracking-malware-import-hashing.html https://twitter.com/cyb3rops/status/886225504352821248 https://t.co/CQzATX1gPq https://github.com/tiagorlampert/CHAOS https://twitter.com/cyb3rops/status/885911435783659521 https://t.co/5hNR28GQFS https://www.cyphon.io/ https://twitter.com/cyb3rops/status/885899619712028672 https://t.co/ENAcjSVqVX https://twitter.com/Mike_Mimoso/status/885569435527938050 https://twitter.com/cyb3rops/status/885530469080727552 https://t.co/x3Hth16Uvx 
https://github.com/Neo23x0/Fenrir/commit/c680a6917858f33e7cb9d5b836e9336df20f44c1 https://twitter.com/cyb3rops/status/885523418401181697 https://t.co/5VDDes99v3 https://www.symantec.com/connect/blogs/attackers-are-increasingly-living-land https://twitter.com/cyb3rops/status/885494203450621952 https://t.co/u3qmaTjELU https://www.protectwise.com/blog/winnti-evolution-going-open-source.html https://twitter.com/cyb3rops/status/885248992644386816 https://t.co/5TgNhDoIIl http://blog.trendmicro.com/trendlabs-security-intelligence/spam-remote-access-trojan-adwind-jrat/ https://twitter.com/cyb3rops/status/884917757342625792 https://twitter.com/cyb3rops/status/884910981045944320 https://t.co/QUcG6xNWt6 https://github.com/Neo23x0/Loki/tree/master/tools https://twitter.com/cyb3rops/status/884906083541712896 https://twitter.com/cyb3rops/status/884570667433299969 https://t.co/ZyWyydrSgH http://scribd.com https://twitter.com/cyb3rops/status/884500337641615360 https://twitter.com/cyb3rops/status/884488173941927936 https://t.co/d9UB6hWjxE https://github.com/hfiref0x/UACME https://twitter.com/cyb3rops/status/884482725197041664 https://twitter.com/cyb3rops/status/884239098709520385 https://twitter.com/cyb3rops/status/884144597622018048 https://twitter.com/cyb3rops/status/884144326770651136 https://t.co/aWrnppBi78 https://blogs.rsa.com/cat-phishing/ https://twitter.com/cyb3rops/status/883717898228736003 https://t.co/yPkFoY5FIH https://github.com/Neo23x0/sigma/tree/master/rules/proxy https://twitter.com/cyb3rops/status/883512138723209216 https://twitter.com/cyb3rops/status/883427347306864640 https://twitter.com/cyb3rops/status/883424924408348672 https://t.co/NSP1F5KdtU https://github.com/Neo23x0/sigma/blob/master/rules/proxy/proxy_powershell_ua.yml https://twitter.com/cyb3rops/status/883322308101898241 https://t.co/VN2hXcLFhq https://twitter.com/eyalsela/status/883319070556401665 https://twitter.com/cyb3rops/status/883047399878471684 https://t.co/70HyT8pf7o 
https://github.com/Neo23x0/sigma/tree/master/rules/windows/sysmon https://twitter.com/cyb3rops/status/883009633429970944 https://t.co/Z8fKSRRmAb https://nosecurecode.blog/2017/03/14/sysmon-shell/ https://twitter.com/cyb3rops/status/883003347996995584 https://t.co/Z8fKSRRmAb https://nosecurecode.blog/2017/03/14/sysmon-shell/ https://twitter.com/cyb3rops/status/883000279423209477 https://t.co/Tc65DxvZ8P https://github.com/Neo23x0/signature-base/commit/9e41c783518edd6b255545666dcb9e96a410da15 https://twitter.com/cyb3rops/status/882914332408983552 https://t.co/RfHXDyc3qi https://t.co/e7ivo8A9RA https://nosecurecode.blog/2017/06/10/updated-sysmonview/ https://github.com/nshalabi/SysmonTools https://twitter.com/cyb3rops/status/882775911636107265 https://t.co/D9JVmROi76 https://www.bsk-consulting.de/2017/07/06/the-best-possible-monitoring-with-sigma-rules/ https://twitter.com/cyb3rops/status/882692986072596481 https://t.co/FnnlmxtHkC https://t.co/dqDYtK6GVG https://t.co/YQWZtLUKOO https://www.welivesecurity.com/2017/07/04/analysis-of-telebots-cunning-backdoor/ http://blog.talosintelligence.com/2017/07/the-medoc-connection.html https://github.com/Neo23x0/signature-base/blob/master/yara/crime_teledoor.yar https://twitter.com/cyb3rops/status/882663836767145987 https://t.co/yqnAQ96pBU https://securelist.com/in-expetrpetyas-shadow-fakecry-ransomware-wave-hits-ukraine/78973/ https://twitter.com/cyb3rops/status/882661895177678859 https://t.co/IJxBTWGMEk https://krebsonsecurity.com/2017/07/who-is-the-govrat-author-and-mirai-botmaster-bestbuy/ https://twitter.com/cyb3rops/status/882661377520873472 https://t.co/9KnkUBcYVQ https://blog.netspi.com/anonymous-sql-execution-oracle-advanced-support/ https://twitter.com/cyb3rops/status/882660841438535682 https://t.co/bmvY3NaYPS http://www.fireeye.com/blog/threat-research/2017/07/linux-support-for-fakenet-ng.html https://twitter.com/cyb3rops/status/882660642171346944 https://t.co/mZtsVlMlfx 
https://www.darknet.org.uk/2017/07/gnupg-crypto-library-libgcrypt-cracked-via-side-channel/ https://twitter.com/cyb3rops/status/882654709991059456 https://twitter.com/cyb3rops/status/882653673150709760 https://t.co/Em0H8pzXvt https://github.com/VirusTotal/yara/releases/tag/v3.6.3 https://twitter.com/cyb3rops/status/882585635340656640 https://twitter.com/cyb3rops/status/882582727404474368 https://t.co/WQhtKJT03E https://github.com/iadgov/Windows-Event-Log-Messages/blob/master/README.md https://twitter.com/cyb3rops/status/882254406531633154 https://twitter.com/cyb3rops/status/882254010320924672 https://twitter.com/cyb3rops/status/882252507887656960 https://twitter.com/cyb3rops/status/882188000490385408 https://t.co/EPAJxQVyuN https://patzke.org/introducing-equel-an-elasticsearch-query-language.html https://twitter.com/cyb3rops/status/882182117605740545 https://t.co/nSUCrF4wwl https://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=21331 https://twitter.com/cyb3rops/status/881966548461727746 https://t.co/AxmEID1EkJ http://seclist.us/imagemounter-utility-to-mount-volumes-in-encase-and-dd-images-locally.html https://twitter.com/cyb3rops/status/881966330764832769 https://t.co/wP7fjZaZjY https://arstechnica.com/security/2017/07/https-certificate-revocation-is-broken-and-its-time-for-some-new-tools/ https://twitter.com/cyb3rops/status/881964970757562368 https://t.co/qwiJsor3mb https://www.gdatasoftware.com/blog/2017/07/29859-who-is-behind-petna https://twitter.com/cyb3rops/status/881773570912915456 https://twitter.com/cyb3rops/status/881595345595248640 https://t.co/vgX5tjfihd http://blog.erratasec.com/2017/07/yet-more-reasons-to-disagree-with.html https://twitter.com/cyb3rops/status/881584814167662596 https://t.co/GMnHk4lppx https://www.tenable.com/products/nessus/nessus-agents https://twitter.com/cyb3rops/status/881584134673641472 https://twitter.com/cyb3rops/status/881200291365965824 https://t.co/rMfyR9K5xK 
https://soundcloud.com/florian-roth-10/master-control-program-mix https://twitter.com/cyb3rops/status/881170924984250368 https://twitter.com/cyb3rops/status/881033543417118720 https://t.co/J9dAEb91G9 http://www.fireeye.com/blog/threat-research/2017/06/obfuscation-in-the-wild.html https://twitter.com/cyb3rops/status/880830521974165505 https://twitter.com/cyb3rops/status/880696995358404608 https://twitter.com/cyb3rops/status/880676339552006144 https://t.co/foHeTfd5qS http://blog.trendmicro.com/trendlabs-security-intelligence/information-stealer-found-hitting-israeli-hospitals/ https://twitter.com/cyb3rops/status/880675643570237440 https://twitter.com/cyb3rops/status/880549224676446208 https://t.co/Re66s2IM5C https://iq-research.info/en/page/average-iq-by-country# https://twitter.com/cyb3rops/status/880477268044378113 https://t.co/6NqvlEh3Ej https://aws.amazon.com/ec2/pricing/ https://twitter.com/cyb3rops/status/880468923493343232 https://twitter.com/cyb3rops/status/880463838872731649 https://t.co/UALG7fFnC0 https://www.shellandco.net/deploy-petya-vaccination-files-ad-domain-members/ https://twitter.com/cyb3rops/status/880461362731913216 https://t.co/xDsekVKp3I https://www.helpnetsecurity.com/2017/06/29/azure-ad-connect-vulnerability/ https://twitter.com/cyb3rops/status/880460947156086785 https://t.co/fGGQWqUTYl https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b https://twitter.com/cyb3rops/status/880459993643962368 https://t.co/eMUvCj3idR http://blog.obdev.at/little-snitch-and-possible-deprecation-of-nkes/ https://twitter.com/cyb3rops/status/880459103570726912 https://t.co/5j3ockzXNL https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp https://twitter.com/cyb3rops/status/880454399587491840 https://twitter.com/cyb3rops/status/880449374605774849 https://twitter.com/cyb3rops/status/880435661005783040 https://twitter.com/cyb3rops/status/880339222401601536 https://twitter.com/cyb3rops/status/880181892582080513 
https://t.co/UBc2eBhAsc https://github.com/VirusTotal/yara/releases/tag/v3.6.2 https://twitter.com/cyb3rops/status/880075258094645248 https://twitter.com/cyb3rops/status/880058332131840004 https://t.co/n3bIGriGht https://researchcenter.paloaltonetworks.com/2017/06/unit42-paranoid-plugx/ https://twitter.com/cyb3rops/status/880021424261541888 https://t.co/nV2ur5Dbfa https://securelist.com/schroedingers-petya/78870/ https://twitter.com/cyb3rops/status/880021132631580672 https://t.co/bV84YWFGDB https://twitter.com/cyb3rops/status/763337020429271040 https://twitter.com/cyb3rops/status/880020885956165633 https://twitter.com/cyb3rops/status/880005100814467072 https://t.co/kB2ouIgdPm https://www1.cs.fau.de/content/forensic-email-visualization https://twitter.com/cyb3rops/status/879976912990294016 https://t.co/mBKdT9hXWI https://github.com/Neo23x0/sigma/blob/master/rules/windows/malware/sysmon_malware_notpetya.yml https://twitter.com/cyb3rops/status/879953894729764864 https://t.co/nV2ur5Dbfa https://securelist.com/schroedingers-petya/78870/ https://twitter.com/cyb3rops/status/879949477678907392 https://t.co/2HWNNl9syC https://arstechnica.com/information-technology/2017/06/microsoft-bringing-emet-back-as-a-built-in-part-of-windows-10/?amp=1 https://twitter.com/cyb3rops/status/879825441770655746 https://twitter.com/cyb3rops/status/879815635999567873 https://t.co/GL0d23O2el https://twitter.com/phage_nz/status/879813794741997568 https://twitter.com/cyb3rops/status/879811770512224258 https://twitter.com/cyb3rops/status/879810363088404480 https://twitter.com/cyb3rops/status/879725829978300416 https://t.co/8FnnMg5rK3 https://gist.github.com/Neo23x0/7ff267390d0670998e9c481c22ab0071 https://twitter.com/cyb3rops/status/879724191125295105 https://t.co/RWNcqVSyII https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_eventlog_cleared.yml https://twitter.com/cyb3rops/status/879373928204029952 https://t.co/LMklsTUhhA 
https://www.howtogeek.com/273824/windows-10-without-the-cruft-windows-10-ltsb-explained/ https://twitter.com/cyb3rops/status/879372543714635777 https://t.co/B7TmUuEMNv https://articles.forensicfocus.com/2017/06/26/ram-forensic-analysis/ https://twitter.com/cyb3rops/status/879371983343013889 https://t.co/U9DV40OGqQ https://keepassxc.org/blog/2017-06-26-2.2.0-released/ https://twitter.com/cyb3rops/status/878690892059734018 https://t.co/X3TID9ENjL http://www.vkremez.com/2017/06/lets-learn-diy-sophisticated-cobalt.html?m=1 https://twitter.com/cyb3rops/status/878686530499473408 https://t.co/pcdGIJxfXx https://arstechnica.com/tech-policy/2017/06/obama-reportedly-ordered-hacking-operation-targeting-key-russian-networks/?amp=1 https://twitter.com/cyb3rops/status/878685618737475584 https://t.co/BxLdYG2m5H https://checkmarx.gitbooks.io/go-scp/ https://twitter.com/cyb3rops/status/878372756433141760 https://t.co/BYuyEhDQE1 https://www.theregister.co.uk/2017/06/23/windows_10_leak/?mt=1498254900937 https://twitter.com/cyb3rops/status/878243202880348160 https://twitter.com/cyb3rops/status/877947096472727552 https://t.co/hjYRvmSvFx https://github.com/m0rtem/CloudFail https://twitter.com/cyb3rops/status/877945751279616000 https://t.co/FXasJuws75 https://www.trustwave.com/Resources/SpiderLabs-Blog/ModSecurity-version-3--Fuzzing-as-part-of-the-QA/ https://twitter.com/cyb3rops/status/877945217416089601 https://t.co/8g7qCqBNw3 https://isc.sans.edu/forums/diary/Obfuscating+without+XOR/22544/ https://twitter.com/cyb3rops/status/877944684517052417 https://t.co/FYyCAkC2RY http://blog.portswigger.net/2017/06/behind-enemy-lines-bug-hunting-with.html https://twitter.com/cyb3rops/status/877943789196726272 https://t.co/teNWWZDmjh http://blog.trendmicro.com/trendlabs-security-intelligence/following-trail-blacktech-cyber-espionage-campaigns/ https://twitter.com/cyb3rops/status/877938146205470721 https://t.co/ChuT3rvNaI 
https://researchcenter.paloaltonetworks.com/2017/06/unit42-new-improved-macos-backdoor-oceanlotus/ https://twitter.com/cyb3rops/status/877559667483971586 https://twitter.com/cyb3rops/status/877449789356597248 https://t.co/wxwQhaHEMZ https://www.bsk-consulting.de/2016/04/15/how-to-write-simple-but-sound-yara-rules-part-3/ https://twitter.com/cyb3rops/status/877061855088447489 https://t.co/MKKWg4yhP2 https://blogs.technet.microsoft.com/sysinternals/2017/06/17/sysinternals-update-sysmon-v6-03/ https://twitter.com/cyb3rops/status/876871096779366401 https://t.co/gwHb0em7kY https://www.arbornetworks.com/blog/asert/pivoting-off-hidden-cobra-indicators/ https://twitter.com/cyb3rops/status/876870251232849920 https://t.co/gaxdgPkbyM http://blog.talosintelligence.com/2017/06/palestine-delphi.html?m=1 https://twitter.com/cyb3rops/status/876868454493585409 https://t.co/RD7R2PIqjx https://arstechnica.com/security/2017/06/12-year-old-security-hole-in-unix-based-oses-isnt-plugged-after-all/ https://twitter.com/cyb3rops/status/876824148592513024 https://t.co/AOP2sExJAV https://obdev.at/products/littlesnitch-beta/download.html https://twitter.com/cyb3rops/status/876438501092450305 https://t.co/kLZrcoSrFo https://www.bloomberg.com/politics/articles/2017-06-15/trump-orders-government-to-stop-work-on-y2k-bug-17-years-later https://twitter.com/cyb3rops/status/876353465777258497 https://t.co/JvGXi1XCWl https://twitter.com/harmj0y/status/876333731782381573 https://twitter.com/cyb3rops/status/876345896631504897 https://twitter.com/cyb3rops/status/876340007530885125 https://t.co/vevKJc9YOf https://t.co/5Ww75BqcYB http://blog.jpcert.or.jp/2017/06/1-ae0d.html https://github.com/Neo23x0/signature-base/commit/9fba9246dc461a7ad76494db07e8289c43d2cff0 https://twitter.com/cyb3rops/status/876328974045114369 https://t.co/BVG14MO5w8 https://twitter.com/trailofbits/status/875767295028719618 https://twitter.com/cyb3rops/status/876327544416546816 https://t.co/VHcuu1FVYM 
https://twitter.com/emd3l/status/876221746139070464 https://twitter.com/cyb3rops/status/876090464037949440 https://t.co/tuNJ2AUgkN https://blogs.technet.microsoft.com/mmpc/2017/06/16/analysis-of-the-shadow-brokers-release-and-mitigation-with-windows-10-virtualization-based-security/ https://twitter.com/cyb3rops/status/876075488837603333 https://twitter.com/cyb3rops/status/875674861225607168 https://twitter.com/cyb3rops/status/875670590950174720 https://t.co/DpfbbROa1T http://groups.csail.mit.edu/mac/classes/6.805/articles/crypto/cypherpunks/may-crypto-manifesto.html https://twitter.com/cyb3rops/status/875669575781822464 https://t.co/uKI5aMESsI https://wikileaks.org/vault7/#Cherry%20Blossom https://twitter.com/cyb3rops/status/875649365225783298 https://twitter.com/cyb3rops/status/875353198910898176 https://t.co/M5QRMNdIPD https://t.co/JTxnuD10L7 https://www.virustotal.com/intelligence/blog/post/public-website-refresh/5430957313660468210-8471265970292257159/ https://virustotalcloud.appspot.com/nui/index.html#/home/upload https://twitter.com/cyb3rops/status/875326993172230145 https://t.co/5lohFvQQFF https://twitter.com/Harvesterify/status/875292781962559489 https://twitter.com/cyb3rops/status/875304983989817344 https://t.co/6foQ7qagsO https://t.co/gXvgd0iqvt https://www.slideshare.net/44Con/canape-workshop https://www.contextis.com/services/research/canape/ https://twitter.com/cyb3rops/status/875294916133388288 https://twitter.com/cyb3rops/status/875028886115020801 https://t.co/QP6i5aGC0e http://www.austintaylor.io/detect/beaconing/intrusion/detection/system/command/control/flare/elastic/stack/2017/06/10/detect-beaconing-with-flare-elasticsearch-and-intrusion-detection-systems/ https://twitter.com/cyb3rops/status/874951037014200320 https://t.co/iotObXvPMY https://twitter.com/cyb3rops/status/712202224122896384 https://twitter.com/cyb3rops/status/874901843318583296 https://t.co/IN9FZsckd9 http://seclists.org/nmap-announce/2017/3 
https://twitter.com/cyb3rops/status/874890276267012098 https://t.co/Rg0aRnPP7o https://github.com/Neo23x0/signature-base/blob/master/yara/apt_industroyer.yar https://twitter.com/cyb3rops/status/874876084646490112 https://t.co/Xj8L2vlPPm https://twitter.com/c_APT_ure/status/874707000420179970 https://twitter.com/cyb3rops/status/874760867119857664 https://t.co/LwBe9P7h3H https://www.servethehome.com/intel-atom-c2000-series-bug-quiet/ https://twitter.com/cyb3rops/status/874662295145721856 https://t.co/sZdBGV0mPp https://arstechnica.com/information-technology/2017/06/army-looks-at-cyber-soldiers-for-front-lines-as-battlefield-changes/#p3 https://twitter.com/cyb3rops/status/874661015430074368 https://t.co/cmQfVSfuVg https://blog.netspi.com/targeting-rsa-emergency-access-tokencodes-fun-profit/ https://twitter.com/cyb3rops/status/874569128379547648 https://twitter.com/cyb3rops/status/874563855703298048 https://twitter.com/cyb3rops/status/874543885770514432 https://t.co/bPoqpoxL8e https://www.welivesecurity.com/2017/06/12/industroyer-biggest-threat-industrial-control-systems-since-stuxnet/ https://twitter.com/cyb3rops/status/874542952349093889 https://t.co/AEI2dbr7mV http://www.fireeye.com/blog/threat-research/2017/06/behind-the-carbanak-backdoor.html https://twitter.com/cyb3rops/status/874542460638244864 https://t.co/ofF4QIWUG4 https://nakedsecurity.sophos.com/2017/06/12/word-exploits-weaponised-in-quick-time/amp/ https://twitter.com/cyb3rops/status/874541678996185088 https://t.co/8aNXDISFMX https://arstechnica.com/security/2017/06/crash-override-malware-may-sabotage-electric-grids-but-its-no-stuxnet/?amp=1 https://twitter.com/cyb3rops/status/874540979428233217 https://t.co/1BOaZucvwj http://blog.erratasec.com/2017/06/more-notes-on-us-certs-iocs.html https://twitter.com/cyb3rops/status/874535156807335937 https://t.co/LSRBNNCCJn https://www.gdatasoftware.com/blog/2017/06/29813-wannacry-it-s-not-over https://twitter.com/cyb3rops/status/874520090661842944 
https://twitter.com/cyb3rops/status/874519662519885825 https://t.co/QmfJ8NY1Bu https://github.com/Neo23x0/Loki/releases https://twitter.com/cyb3rops/status/874178292030504960 https://twitter.com/cyb3rops/status/874173955355156480 https://t.co/qEBFYuy7LV https://t.co/yAtt54X7Dr http://www.hexacorn.com/blog/2016/03/10/beyond-good-ol-run-key-part-36/ https://docs.google.com/spreadsheets/d/1f5OTQpEEvbiW-NzSfVTrzhmnZJ-hrmAZhRM7JXkDBSY/edit#gid=0 https://twitter.com/cyb3rops/status/874172922826502144 https://t.co/GrlXtAY0k2 https://countuponsecurity.com/2017/06/07/threat-hunting-in-the-enterprise-with-appcompatprocessor/ https://twitter.com/cyb3rops/status/873831516413071360 https://t.co/yK6eqM2ETW https://github.com/m4b/bingrep/ https://twitter.com/cyb3rops/status/873452420508069888 https://t.co/roqC01qpEY https://github.com/sroberts/awesome-iocs https://twitter.com/cyb3rops/status/873445486899982336 https://t.co/ORouRdZKQE https://t.co/yggvpAy9ce https://cse.google.com/cse/publicurl?cx=003248445720253387346:turlh5vi4xc https://gist.github.com/Neo23x0/c4f40629342769ad0a8f3980942e21d3 https://twitter.com/cyb3rops/status/873440028743135233 https://twitter.com/cyb3rops/status/873433616117903361 https://t.co/QQLDhscyBt https://securelist.com/78674/sambacry-is-coming/ https://twitter.com/cyb3rops/status/873303399391006722 https://t.co/S2NK0Ycj0A https://www.cyberark.com/threat-research-blog/shadow-admins-stealthy-accounts-fear/ https://twitter.com/cyb3rops/status/873233431479635968 https://t.co/dYorVKt3Xa https://www.arbornetworks.com/blog/asert/another-banker-enters-matrix/ https://twitter.com/cyb3rops/status/873082774764134402 https://t.co/ydj7q6oZwD https://arstechnica.com/security/2017/06/al-jazeera-claims-to-be-victim-of-cyber-attack-as-qatar-crisis-continues/#p3 https://twitter.com/cyb3rops/status/872769962947092480 https://twitter.com/cyb3rops/status/872757411014209536 https://t.co/rHkcX9Jzs1 
https://www.welivesecurity.com/2017/06/06/turlas-watering-hole-campaign-updated-firefox-extension-abusing-instagram/?utm_source=facebook&utm_medium=cpc&utm_campaign=welivesecurity https://twitter.com/cyb3rops/status/872567292894351361 https://t.co/1arJMmLcLD https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-anyconnect https://twitter.com/cyb3rops/status/872559449801715715 https://t.co/K3urcYhd0i https://suricata-ids.org/2017/06/07/suricata-4-0-0-beta1-ready-for-testing/ https://twitter.com/cyb3rops/status/872417898995879936 https://t.co/jnb48mqZBW http://rubular.com/r/AyVVcMXQ2e https://twitter.com/cyb3rops/status/872416140852699136 https://twitter.com/cyb3rops/status/872393736868835329 https://t.co/DjaIpR99Yf https://t.co/Of8gSbpwjH https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_susp_regsvr32_anomalies.yml https://subt0x10.blogspot.de/2017/04/bypass-application-whitelisting-script.html https://twitter.com/cyb3rops/status/872382303091265536 https://twitter.com/cyb3rops/status/872375252348743680 https://twitter.com/cyb3rops/status/872371740093054976 https://t.co/D7sazBLGly https://www.fireeye.com/blog/threat-research/2017/06/phished-at-the-request-of-counsel.html https://twitter.com/cyb3rops/status/872346742116765696 https://t.co/1zwZpAJs9d https://arstechnica.com/security/2017/06/russian-hackers-turn-to-britney-spears-for-help-concealing-espionage-malware/ https://twitter.com/cyb3rops/status/872005130702520320 https://t.co/IcofxceSmH https://www.schneier.com/blog/archives/2017/05/who_are_the_sha.html https://twitter.com/cyb3rops/status/871965225263779840 https://t.co/DvuMgqsKdI http://blog.erratasec.com/2017/06/how-intercept-outed-reality-winner.html?m=1 https://twitter.com/cyb3rops/status/871714303434424321 https://t.co/IZtCAzhhrJ https://t.co/3vnLSEy5bv http://OBJECTS.DATA https://github.com/darkquasar/WMI_Persistence https://twitter.com/cyb3rops/status/871381854129205249 https://t.co/0mizKfpsUf 
https://t.co/aY5imBwhnM https://t.co/HhnP5c9YV7 https://github.com/Neo23x0/signature-base/blob/master/yara/apt_eternalblue_non_wannacry.yar https://www.hybrid-analysis.com/sample/4f49e17b457ef202ab0be905691ef2b2d2b0a086a7caddd1e70dd45e5ed3b309?environmentId=100 https://www.hybrid-analysis.com/sample/cba19d228abf31ec8afab7330df3c9da60cd4dae376552b503aea6d7feff9946?environmentId=100 https://twitter.com/cyb3rops/status/871271316426547201 https://t.co/gI2wKUJtTt https://gist.github.com/Neo23x0/bf380b467659598e331ca1744a07fa05 https://twitter.com/cyb3rops/status/871269834268569600 https://twitter.com/cyb3rops/status/870986874504060928 https://t.co/9p9qMXruWp https://t.co/nCWlDuyCkz https://t.co/jV9jr0zcjv https://github.com/Neo23x0/signature-base/blob/master/yara/crime_fireball.yar https://github.com/Neo23x0/sigma/blob/master/rules/apt/crime_fireball.yml https://www.hybrid-analysis.com/sample/f964a4b95d5c518fd56f06044af39a146d84b801d9472e022de4c929a5b8fdcc?environmentId=100 https://twitter.com/cyb3rops/status/870978143829544964 https://t.co/dIAOBivna2 http://www.fireeye.com/blog/threat-research/2017/05/threat-actors-leverage-eternalblue-exploit-to-deliver-non-wannacry-payloads.html https://twitter.com/cyb3rops/status/870977085162086401 https://t.co/yW7hvgtkS8 https://improsec.com/blog/vulnerability-in-tsm https://twitter.com/cyb3rops/status/870976727572504577 https://t.co/NnsozH0OzO https://seaglass.cs.washington.edu/ https://twitter.com/cyb3rops/status/870382064276832256 https://t.co/eDXr1u2Cf0 https://github.com/Neo23x0/sigma/blob/master/rules/apt/apt_pandemic.yml https://twitter.com/cyb3rops/status/870379882697699328 https://twitter.com/cyb3rops/status/870379098656436229 https://t.co/NbH6vr5HFO https://twitter.com/ibmbriones/status/870366061744594944 https://twitter.com/cyb3rops/status/870375701081456643 https://twitter.com/cyb3rops/status/870316580005130240 https://t.co/rKx7autqUq https://t.co/6O6zvDjBk1 https://github.com/ctxis/CAPE https://cape.contextis.com/ 
https://twitter.com/cyb3rops/status/870288768313552896 https://t.co/zXVqvjcyhx https://www.trustwave.com/Resources/SpiderLabs-Blog/Necurs-Recurs/ https://twitter.com/cyb3rops/status/869997556197191681 https://twitter.com/cyb3rops/status/869813018787549184 https://t.co/gcmMmdDQAh https://blogs.msdn.microsoft.com/daviddasneves/2017/05/25/powershell-security-at-enterprise-customers/ https://twitter.com/cyb3rops/status/869803574846517248 https://twitter.com/cyb3rops/status/869792439611138048 https://t.co/MYhHp5fRx4 https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventID=4624 https://twitter.com/cyb3rops/status/869595741764931584 https://twitter.com/cyb3rops/status/869581436541689856 https://t.co/1oxvN4jl2B https://michael-prokop.at/blog/2017/05/25/the-newinstretch-game-new-forensic-packages-in-debianstretch/ https://twitter.com/cyb3rops/status/869559461660282884 https://t.co/OtsWjDWWOl https://blog.netspi.com/dynamic-binary-analysis-intel-pin/ https://twitter.com/cyb3rops/status/869289190499995649 https://t.co/IgwlM7LWHh https://github.com/nccgroup/WMIcmd https://twitter.com/cyb3rops/status/869287254904233984 https://t.co/3m7Kqpn66B https://www.pentestpartners.com/security-blog/breaking-out-of-citrix-and-other-restricted-desktop-environments/?doing_wp_cron=1496081125.0811131000518798828125 https://twitter.com/cyb3rops/status/869235025920884736 https://t.co/hjEszS7gAh https://github.com/slap-editor/slap https://twitter.com/cyb3rops/status/868401884738015232 https://t.co/UHKsonGM2Q https://t.co/3L6PtDep3b https://keybase.io/download https://keybase.io/docs/kbfs https://twitter.com/cyb3rops/status/868383028967608321 https://t.co/Lo1rpVemlw https://keybase.io/johngalt/sigs/12Tu7WH1OrWERWyQfloDnfLY9AGgrYRVh__e https://twitter.com/cyb3rops/status/868234528615268353 https://t.co/VtppUMjHpV https://github.com/macmade/KeychainCracker https://twitter.com/cyb3rops/status/867500183713701888 https://t.co/ydvcuaMERz 
https://github.com/Genetic-Malware/Ebowla https://twitter.com/cyb3rops/status/867464684169027584 https://t.co/JRVsoMnGfG https://www.cybereason.com/labs-operation-cobalt-kitty-a-large-scale-apt-in-asia-carried-out-by-the-oceanlotus-group/ https://twitter.com/cyb3rops/status/867456145866321920 https://t.co/lSYkIpewOi https://t.co/m44Ny6mFsP https://www.jetbrains.com/go/ http://color-themes.com/?view=index https://twitter.com/cyb3rops/status/867431193935048704 https://t.co/pmCXMp3dsm https://www.recordedfuture.com/hunting-paste-sites/ https://twitter.com/cyb3rops/status/867429227737567232 https://t.co/K76M97OKpU http://blog.talosintelligence.com/2017/05/file2pcap.html https://twitter.com/cyb3rops/status/867353698602807297 https://twitter.com/cyb3rops/status/867347640937308160 https://t.co/fiNfIg6HMw https://lists.samba.org/archive/samba-announce/2017/000406.html https://twitter.com/cyb3rops/status/867264998581653504 https://t.co/bFdrbN8xmH http://www.procdot.com/ https://twitter.com/cyb3rops/status/867101738859454464 https://t.co/ZJ0bzqSVk4 https://blog.netspi.com/get-sql-server-sysadmin-privileges-local-admin-powerupsql/ https://twitter.com/cyb3rops/status/867094292786970624 https://t.co/fFFysnZIAp https://blog.malwarebytes.com/cybercrime/2017/05/smb-and-scf-another-good-reason-to-disable-superfluous-protocols/ https://twitter.com/cyb3rops/status/866917713414901760 https://twitter.com/cyb3rops/status/866912623534768128 https://t.co/6vDxbiD39e http://seclists.org/nmap-dev/2017/q2/105 https://twitter.com/cyb3rops/status/866750499781062656 https://t.co/T3COv793Zf http://shiroyasha.io/coreutils-that-you-might-not-know.html https://twitter.com/cyb3rops/status/866748503837597698 https://t.co/HmWy8FXrjC https://blogs.technet.microsoft.com/sysinternals/2017/05/22/sysinternals-update-sysmon-v6-02-sigcheck-v2-55/ https://twitter.com/cyb3rops/status/866191550140878849 https://twitter.com/cyb3rops/status/865951619971723268 https://t.co/C3k63Ecq0O 
https://blog.malwarebytes.com/cybercrime/2017/05/how-did-wannacry-ransomworm-spread/ https://twitter.com/cyb3rops/status/865552622224371712 https://t.co/ISPrrYyhDN https://github.com/blechschmidt/massdns https://twitter.com/cyb3rops/status/865549650211647488 https://twitter.com/cyb3rops/status/865520426075672576 https://twitter.com/cyb3rops/status/865471194585210881 https://twitter.com/cyb3rops/status/865329634325532674 https://twitter.com/cyb3rops/status/865315740571840512 https://t.co/hFxs9WYlKK https://t.co/fBHf88Czd8 https://twitter.com/cybergibbons/status/864786228490756096 https://arstechnica.com/security/2017/05/windows-xp-pcs-infected-by-wcry-can-be-decrypted-without-paying-ransom/ https://twitter.com/cyb3rops/status/865205517102264322 https://t.co/VVqnGnteb3 https://github.com/Neo23x0/Loki https://twitter.com/cyb3rops/status/865125461365596160 https://twitter.com/cyb3rops/status/865118620933914624 https://t.co/U73zINS70T https://community.rapid7.com/community/metasploit/blog/2017/05/17/metasploit-the-power-of-the-community-and-eternalblue https://twitter.com/cyb3rops/status/865098383261925376 https://t.co/rIzqd2M09e https://t.co/eMXmzVXpYM https://github.com/Neo23x0/signature-base/blob/master/yara/general_officemacros.yar#L48 https://github.com/Neo23x0/signature-base/blob/master/yara/crime_eternalrocks.yar https://twitter.com/cyb3rops/status/864972209940570113 https://t.co/kEELYJsk6A https://t.co/odwBa7QQ1I https://t.co/1SUXZ8eNzK https://www.virustotal.com/en/file/01b628fa60560c0cb4a332818cb380a65d0616d19976c084e0c3eaa433288b88/analysis/ https://www.virustotal.com/en/file/4384bf4530fb2e35449a8e01c7e0ad94e3a25811ba94f7847c1e6612bbb45359/analysis/ https://www.virustotal.com/en/file/80161d8b4eede382ac7463cc69a9de73a6edec4ec4a82a5b107047061cd653ec/analysis/ https://twitter.com/cyb3rops/status/864889455743840257 https://twitter.com/cyb3rops/status/864873671764135937 https://twitter.com/cyb3rops/status/864828106460319744 https://t.co/RnfEWBPmz2 
https://www.theguardian.com/world/2016/sep/21/north-korea-only-28-websites-leak-official-data https://twitter.com/cyb3rops/status/864827985718902790 https://twitter.com/cyb3rops/status/864824583488188416 https://twitter.com/cyb3rops/status/864781035673931776 https://twitter.com/cyb3rops/status/864521241323089920 https://t.co/pwJhlYPa0h https://enigma0x3.net/2016/07/22/bypassing-uac-on-windows-10-using-disk-cleanup/ https://twitter.com/cyb3rops/status/864418133448302592 https://t.co/uwJe0lgQ47 http://www.intezer.com/wp-content/uploads/2017/05/Intezer_WannaCry.pdf https://twitter.com/cyb3rops/status/864387035863404544 https://twitter.com/cyb3rops/status/864381134456619008 https://t.co/qefBUbjAdP https://twitter.com/Viss/status/856227372785221632 https://twitter.com/cyb3rops/status/864367917797752833 https://t.co/vxlPSH7NgA https://t.co/o5jLnMbVsG https://www.lastline.com/blog/wannacry-ransomware/ https://docs.google.com/spreadsheets/d/1XNCCiiwpIfW8y0mzTUdLLVzoW6x64hkHJ29hcQW5deQ/pubhtml https://twitter.com/cyb3rops/status/864362028378476544 https://twitter.com/cyb3rops/status/864223978906365952 https://twitter.com/cyb3rops/status/864118382718791680 https://t.co/4aema6GeyR https://technet.microsoft.com/en-us/library/security/ms17-010.aspx https://twitter.com/cyb3rops/status/864091892966985728 https://t.co/4gtt4mN0KP https://github.com/cldrn/nmap-nse-scripts/issues/3 https://twitter.com/cyb3rops/status/864072887241670656 https://twitter.com/cyb3rops/status/864065524162015233 https://twitter.com/cyb3rops/status/864031146304208897 https://t.co/TX2sLHMs4x https://twitter.com/actual_ransom/status/864027625332903936 https://twitter.com/cyb3rops/status/864030770192625664 https://t.co/PuI9DZ4QXR https://blockchain.info/address/13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94 https://twitter.com/cyb3rops/status/864015845923721216 https://t.co/VSivS5BTyw https://t.co/1hJRhmlZAv http://seclists.org/nmap-dev/2017/q2/79 https://gist.github.com/Neo23x0/60268852ff3a5776ef66bc15d50a024a 
https://twitter.com/cyb3rops/status/864012316635004929 https://twitter.com/cyb3rops/status/863890714106769408 https://t.co/FdM72LXTrB https://t.co/U4OrDeS2s9 https://www.minerva-labs.com/post/immune-yourself-from-wannacry-ransomware-with-minervas-free-vaccinator https://blog.trustlook.com/2017/05/14/wannacry-ransomware-scanner-and-vaccine-toolkit/ https://twitter.com/cyb3rops/status/863887555179229184 https://twitter.com/cyb3rops/status/863884181075410944 https://t.co/bzTJggkf9h https://www.fireeye.com/blog/threat-research/2017/05/cyber-espionage-apt32.html https://twitter.com/cyb3rops/status/863880547231080448 https://twitter.com/cyb3rops/status/863787105197191169 https://t.co/Uoxm5WwWFK https://t.co/o5jLnMtwRg https://github.com/Neo23x0/signature-base/blob/master/yara/crime_wannacry.yar https://docs.google.com/spreadsheets/d/1XNCCiiwpIfW8y0mzTUdLLVzoW6x64hkHJ29hcQW5deQ/pubhtml https://twitter.com/cyb3rops/status/863784078922874881 https://t.co/K2nSMEHbQD http://blog.trendmicro.com/trendlabs-security-intelligence/massive-wannacrywcry-ransomware-attack-hits-various-countries/?utm_source=trendlabs-social&utm_medium=smk&utm_campaign=05-2017-wannacry https://twitter.com/cyb3rops/status/863783433578967040 https://twitter.com/cyb3rops/status/863776355007254528 https://t.co/o5jLnMtwRg https://docs.google.com/spreadsheets/d/1XNCCiiwpIfW8y0mzTUdLLVzoW6x64hkHJ29hcQW5deQ/pubhtml https://twitter.com/cyb3rops/status/863774771405873152 https://t.co/Apa1iuP5Ce https://www.hybrid-analysis.com/sample/32f24601153be0885f11d62e0a8a2f0280a2034fc981d8184180c5d3b1b9e8cf?environmentId=100 https://twitter.com/cyb3rops/status/863773192137134080 https://twitter.com/cyb3rops/status/863770808853954560 https://twitter.com/cyb3rops/status/863768836859998208 https://t.co/u2zkXqAPZu https://www.ccn-cert.cni.es/en/updated-security/ccn-cert-statements/4485-nomorecry-tool-ccn-cert-s-tool-to-prevent-the-execution-of-the-ransomware-wannacry.html https://twitter.com/cyb3rops/status/863763611092750336 
https://t.co/0Dw69DaWOf https://www.virustotal.com/en/file/f8812f1deb8001f3b7672b6fc85640ecb123bc2304b563728e6235ccbe782d85/analysis/ https://twitter.com/cyb3rops/status/863760691035066369 https://twitter.com/cyb3rops/status/863756011538173952 https://twitter.com/cyb3rops/status/863755521702146048 https://twitter.com/cyb3rops/status/863694367843921920 https://twitter.com/cyb3rops/status/863690208574930944 https://twitter.com/cyb3rops/status/863689895084163072 https://t.co/FILN9Le8Dw https://twitter.com/viss/status/856227372785221632 https://twitter.com/cyb3rops/status/863679016804462592 https://t.co/jTmaRUUDiw https://blog.malwarebytes.com/threat-analysis/2017/05/the-worm-that-spreads-wanacrypt0r/ https://twitter.com/cyb3rops/status/863515938762698752 https://twitter.com/cyb3rops/status/863457401869148160 https://twitter.com/cyb3rops/status/863453809519075332 https://t.co/BCp17xNUo4 https://www.splunk.com/blog/2016/10/05/detecting-ransomware-attacks-with-splunk/ https://twitter.com/cyb3rops/status/863440416938618881 https://t.co/Rdfh86tRkL https://www.peerlyst.com/posts/wannacry-no-more-ransomware-worm-ioc-s-tor-c2-and-technical-analysis-siem-rules-andrii-bezverkhyi https://twitter.com/cyb3rops/status/863424789729476608 https://t.co/lbsEVurvxd http://blog.talosintelligence.com/2017/05/wannacry.html https://twitter.com/cyb3rops/status/863418719766183936 https://t.co/lfa0pV7DPE https://t.co/cBaZo0kZ7T http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com https://twitter.com/DidierStevens/status/863362210915119105 https://twitter.com/cyb3rops/status/863417748919128064 https://t.co/Etwy8FoESX https://twitter.com/msuiche/status/863309882040225794 https://twitter.com/cyb3rops/status/863325629940469762 https://t.co/Uoxm5WwWFK https://github.com/Neo23x0/signature-base/blob/master/yara/crime_wannacry.yar https://twitter.com/cyb3rops/status/863323895193063424 https://t.co/31TYY9bvGU https://otx.alienvault.com/pulse/5916cee44da2584776eaf2f6/ 
https://twitter.com/cyb3rops/status/863317398031663104 https://twitter.com/cyb3rops/status/863316589751488512 https://t.co/EeaO95fFxj https://github.com/Neo23x0/sigma https://twitter.com/cyb3rops/status/863313697665634304 https://t.co/muRXKsstlc https://t.co/od3mURAptV https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_malware_wannacry.yml https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_malware_wannacrypt.yml https://twitter.com/cyb3rops/status/863304931423473665 https://t.co/Uoxm5WwWFK https://t.co/TXTyo0lZQI https://github.com/Neo23x0/signature-base/blob/master/yara/crime_wannacry.yar https://docs.google.com/spreadsheets/d/1XNCCiiwpIfW8y0mzTUdLLVzoW6x64hkHJ29hcQW5deQ/pubhtml# https://twitter.com/cyb3rops/status/863272620548132865 https://t.co/o1S67jyuOz https://twitter.com/cyb3rops/status/863138127891791872 https://twitter.com/cyb3rops/status/863159930873839617 https://twitter.com/cyb3rops/status/863159166411603969 https://twitter.com/cyb3rops/status/863148710489989122 https://twitter.com/cyb3rops/status/863146835518607364 https://t.co/cNWp9y6Vjy https://www.hybrid-analysis.com/sample/ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa?environmentId=100 https://twitter.com/cyb3rops/status/863143844753412100 https://t.co/vmh8nFRjZl https://gist.github.com/Neo23x0/3a245e6206951f17125f2b214b160fe8 https://twitter.com/cyb3rops/status/863141434211393536 https://twitter.com/cyb3rops/status/863138127891791872 https://t.co/od3mURAptV https://t.co/PY6odpxN3X https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_malware_wannacrypt.yml https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_susp_backup_delete.yml https://twitter.com/cyb3rops/status/863053207630643202 https://t.co/QrsBWeTYry http://blog.talosintelligence.com/2017/05/jaff-ransomware.html https://twitter.com/cyb3rops/status/862726243480989699 https://t.co/Y2Za0MCKyt http://www.blackhillsinfosec.com/?p=5926 
https://twitter.com/cyb3rops/status/862725243172990976 https://t.co/nlIwvGp7sx https://t.co/M9ADlsSBqt http://openmalware.org https://github.com/MalwareReverseBrasil/malwaresearch/blob/master/README.md https://twitter.com/cyb3rops/status/862697523395395584 https://t.co/ov7IgTQyog http://researchcenter.paloaltonetworks.com/2017/05/unit42-practice-makes-perfect-nemucod-evolves-delivery-obfuscation-techniques-harvest-credentials/ https://twitter.com/cyb3rops/status/862697116233338881 https://t.co/BiQgO1gzXn https://cysinfo.com/cyber-attack-targeting-cbi-and-possibly-indian-army-officials/ https://twitter.com/cyb3rops/status/862638434254454786 https://t.co/4MDWdlwsmv https://github.com/hgascon/pulsar https://twitter.com/cyb3rops/status/862365066506711040 https://t.co/OxKueHr1t2 https://gchq.github.io/CyberChef/ https://twitter.com/cyb3rops/status/862364246117666816 https://t.co/BR2fctjJKt https://nioguard.blogspot.de/2017/05/targeted-attack-against-ukrainian.html https://twitter.com/cyb3rops/status/862329022621118464 https://t.co/Q4xVrtHjQ3 https://www.trustwave.com/Resources/SpiderLabs-Blog/Airachnid--Web-Cache-Deception-Burp-Extender/ https://twitter.com/cyb3rops/status/862220680695336961 https://t.co/mHbdL4J8NY https://intrusiontruth.wordpress.com/2017/05/09/apt3-is-boyusec-a-chinese-intelligence-contractor/ https://twitter.com/cyb3rops/status/862046729151160324 https://t.co/ktNYvKF4y4 https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_susp_msmpeng_crash.yml https://twitter.com/cyb3rops/status/861987530048249860 https://t.co/jbOJJeCW2g https://arstechnica.com/information-technology/2017/05/windows-defender-nscript-remote-vulnerability/ https://twitter.com/cyb3rops/status/861986941843238914 https://t.co/VKngqH3O6F https://blog.netspi.com/expanding-the-empire-with-sql/ https://twitter.com/cyb3rops/status/861926377150402560 https://twitter.com/cyb3rops/status/861911778132844548 https://t.co/Wqfnh6IEZ2 http://seclists.org/fulldisclosure/2017/May/27 
https://twitter.com/cyb3rops/status/861861214300798976 https://twitter.com/cyb3rops/status/861856357762387968 https://twitter.com/cyb3rops/status/861856048126320640 https://t.co/h2NW5aDzQa https://github.com/canix1/ADACLScanner https://twitter.com/cyb3rops/status/861850017245614083 https://t.co/EhoCAV39AO https://bugs.chromium.org/p/project-zero/issues/detail?id=1252&desc=5 https://twitter.com/cyb3rops/status/861830453124378625 https://twitter.com/cyb3rops/status/861702257154195456 https://t.co/rMH8sMCmCj https://t.co/08kl5TUh4c https://4sysops.com/archives/ad-acl-scanner-easily-generate-active-directory-permissions-reports/ http://filehippo.com/download_ad-acl-scanner/ https://twitter.com/cyb3rops/status/861645066636595206 https://twitter.com/cyb3rops/status/861566364539944961 https://t.co/Slgrl1tBWU https://www.sourcetrail.com/ https://twitter.com/cyb3rops/status/861558805577908226 https://t.co/sM2cjMXZ1i https://github.com/bmatzelle/gow/wiki https://twitter.com/cyb3rops/status/861546726410399744 https://t.co/eNK17ML9vv https://t.co/CJEgP4mI9t https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_sups_dns_config.yml https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_dns_serverlevelplugindll.yml https://twitter.com/cyb3rops/status/861219027796078592 https://t.co/d4Dp9L9gsu https://t.co/bYZODX9TJw https://github.com/shmgr https://twitter.com/Viss/status/861148449714065408 https://twitter.com/cyb3rops/status/861005655653613568 https://t.co/lSCKOnMJSK https://t.co/PxFVYFGkOv https://www.shodan.io/search?query=%28port%3A16992+%7C%7C+port%3A623%29+Intel%28R%29+Active+Management+Technology https://twitter.com/xorrbit/status/860865681125933056 https://twitter.com/cyb3rops/status/860886877800284160 https://t.co/D6ujpyZYXa https://github.com/eliangcs/http-prompt https://twitter.com/cyb3rops/status/860527893537071104 https://twitter.com/cyb3rops/status/860527130706313217 https://t.co/RTHnwmvPCC 
https://foxglovesecurity.com/2016/09/26/rotten-potato-privilege-escalation-from-service-accounts-to-system/ https://twitter.com/cyb3rops/status/860525434269728768 https://t.co/F6J4FAsd5F https://pentestlab.blog/2017/04/13/hot-potato/ https://twitter.com/cyb3rops/status/860523876463390722 https://t.co/bTYl2kWKUs https://github.com/GDSSecurity/Windows-Exploit-Suggester https://twitter.com/cyb3rops/status/860520046749257728 https://t.co/s5497CnMu9 https://t.co/NXpVZJcQc8 https://foxglovesecurity.com/2016/01/16/hot-potato/ https://github.com/Kevin-Robertson/Tater https://twitter.com/cyb3rops/status/860483391887691777 https://t.co/EeaO95fFxj https://github.com/Neo23x0/sigma https://twitter.com/cyb3rops/status/860239117145313280 https://t.co/eJFX09indi https://t.co/oSZ5cWBhhi https://www.redcanary.com/blog/how-to-prevent-ransomware/ https://docs.microsoft.com/en-us/windows/device-security/applocker/administer-applocker https://twitter.com/cyb3rops/status/860227842717700096 https://t.co/eJFX09indi https://www.redcanary.com/blog/how-to-prevent-ransomware/ https://twitter.com/cyb3rops/status/860165054536220672 https://t.co/EknldQinN5 https://regldg.com/tryit.php https://twitter.com/cyb3rops/status/860147011764473856 https://t.co/UW789Yyrwc https://github.com/ztgrace/changeme https://twitter.com/cyb3rops/status/860089624898789376 https://t.co/Ux4PqCr7yk https://twitter.com/Netzob/status/860043365311815680 https://twitter.com/cyb3rops/status/860075047435857921 https://t.co/WXtEBlnmSg https://www.arbornetworks.com/blog/asert/greenbugs-dns-isms/ https://twitter.com/cyb3rops/status/860064520391282688 https://t.co/dOSFTp2dRq https://t.co/Q5b1udhsbu https://github.com/Neo23x0/signature-base/blob/master/yara/apt_snaketurla_osx.yar https://blog.fox-it.com/2017/05/03/snake-coming-soon-in-mac-os-x-flavour/ https://twitter.com/cyb3rops/status/860061032135446529 https://t.co/Xw7dZYinsj 
http://researchcenter.paloaltonetworks.com/2017/05/unit42-kazuar-multiplatform-espionage-backdoor-api-access/ https://twitter.com/cyb3rops/status/860046851776675840 https://t.co/XfgdgaiAyg https://github.com/SwiftOnSecurity/sysmon-config/pull/25 https://twitter.com/cyb3rops/status/860044302080253952 https://t.co/HkjMRxp0TX https://www.fireeye.com/blog/threat-research/2017/05/fin7-shim-databases-persistence.html https://twitter.com/cyb3rops/status/860036921828966400 https://t.co/BPybwVCv3i https://gist.github.com/Neo23x0/9555f052c4e222043e6d8a44e34f5455 https://twitter.com/cyb3rops/status/860027614894927872 https://t.co/aoWAZgYsek https://www.oo-software.com/en/shutup10 https://twitter.com/cyb3rops/status/859836725455200259 https://twitter.com/cyb3rops/status/859719187811401732 https://t.co/Al0FtLrcsy http://www.kahusecurity.com/2016/script-deobfuscator-released/ https://twitter.com/cyb3rops/status/859714587490484224 https://t.co/crOLwTIQC0 https://t.co/KJZ2Bu2Daq http://mig.mozilla.org/ https://osquery.io/ https://twitter.com/cyb3rops/status/859714261689524224 https://t.co/aRyYon8yKL https://github.com/CERT-W/certitude https://twitter.com/cyb3rops/status/859660210146824192 https://t.co/pY16wp0olC https://twitter.com/binitamshah/status/859620277554216961 https://twitter.com/cyb3rops/status/859417334213169152 https://t.co/ogFQ2t5ppl http://blog.jpcert.or.jp/2017/05/volatility-plugin-for-detecting-redleaves-malware.html https://twitter.com/cyb3rops/status/859407141702033409 https://t.co/6PxqTmqaf5 https://mspoweruser.com/microsoft-releases-new-tool-policy-analyzer/ https://twitter.com/cyb3rops/status/859376944210558976 https://t.co/E8yUGtlyNj https://www.gironsec.com/blog/2017/03/joecrypter-update-and-more/ https://twitter.com/cyb3rops/status/859291700619087872 https://t.co/zaxQLnKWly http://mjg59.dreamwidth.org/48429.html https://twitter.com/cyb3rops/status/859112603154558976 https://twitter.com/cyb3rops/status/859055454625968128 https://t.co/JJovpGdivn 
https://www.schneier.com/blog/archives/2017/05/who_is_publishi.html https://twitter.com/cyb3rops/status/859054327800975360 https://t.co/S7Q8sgDC0p https://www.trustwave.com/Resources/SpiderLabs-Blog/Carbanak-Continues-To-Evolve--Quietly-Creeping-into-Remote-Hosts/ https://twitter.com/cyb3rops/status/859049631946346496 https://twitter.com/cyb3rops/status/859047891272437760 https://twitter.com/cyb3rops/status/859045979529596928 https://twitter.com/cyb3rops/status/859014543799836672 https://t.co/bq7VYTMcmU https://github.com/SumoLogic/sumoshell https://twitter.com/cyb3rops/status/859011665643417600 https://twitter.com/cyb3rops/status/858763251735244800 https://t.co/swkKTsqFsh https://dtag-dev-sec.github.io/mediator/feature/2016/10/31/t-pot-16.10.html https://twitter.com/cyb3rops/status/858757853078749185 https://t.co/LIPFHwRMwZ https://www.serverdensity.com/monitor/linux/how-to/ https://twitter.com/cyb3rops/status/858718030506979329 https://twitter.com/cyb3rops/status/858705178215755780 https://twitter.com/cyb3rops/status/858676822200000512 https://t.co/kSBY4Tam0Y https://www.patreon.com/posts/taskexplorer-v1-9588157 https://twitter.com/cyb3rops/status/858625948488523778 https://t.co/kNLvla0Qqs https://www.docusnap.com/en/ https://twitter.com/cyb3rops/status/858623292734930945 https://t.co/C3bmStzyus https://github.com/kala13x/scap https://twitter.com/cyb3rops/status/858355745779314689 https://twitter.com/cyb3rops/status/858355638388314113 https://t.co/hV2stF3J5w https://github.com/Neo23x0/sigma/blob/master/tools/backends.py https://twitter.com/cyb3rops/status/858354851637596162 https://t.co/lW4QE35oH8 https://github.com/PatrolServer/bashscanner https://twitter.com/cyb3rops/status/858350680679096320 https://twitter.com/cyb3rops/status/858349922504118273 https://t.co/dfcj56qlSM https://github.com/Neo23x0/signature-base/issues/12 https://twitter.com/cyb3rops/status/857887374528974848 https://t.co/ec2ItUhNqF https://t.co/PP1vXPjvAi 
https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_mshta_spawn_shell.yml http://blog.morphisec.com/iranian-fileless-cyberattack-on-israel-word-vulnerability https://twitter.com/cyb3rops/status/857851106990469120 https://t.co/PP1vXPjvAi http://blog.morphisec.com/iranian-fileless-cyberattack-on-israel-word-vulnerability https://twitter.com/cyb3rops/status/857847383362764800 https://t.co/uv7U8mUgxw http://researchcenter.paloaltonetworks.com/2017/04/unit42-oilrig-actors-provide-glimpse-development-testing-efforts/ https://twitter.com/cyb3rops/status/857843933778456576 https://t.co/hhVDmlH544 https://arstechnica.com/security/2017/04/russian-controlled-telecom-hijacks-financial-services-internet-traffic/ https://twitter.com/cyb3rops/status/857843012990377985 https://t.co/ryHlgQ4qsw https://www.us-cert.gov/ncas/alerts/TA17-117A https://twitter.com/cyb3rops/status/857677447659229187 https://t.co/DMHhL2R2Ic https://yeti-platform.github.io https://twitter.com/cyb3rops/status/857501497923436544 https://t.co/K61V2aK3yy https://securityblog.gr/4329/stunnel-and-burp-pro/ https://twitter.com/cyb3rops/status/857495960242597888 https://twitter.com/cyb3rops/status/857354432173965312 https://t.co/8ttnjCF4wG https://github.com/Checkmarx/Go-SCP https://twitter.com/cyb3rops/status/857353743553241090 https://t.co/BrieRXo1ky https://github.com/trailofbits/manticore/ https://twitter.com/cyb3rops/status/857310116286214144 https://t.co/La5DYdK75k https://objective-see.com/products/blockblock.html https://twitter.com/cyb3rops/status/857137455618805760 https://twitter.com/cyb3rops/status/857125820095229952 https://t.co/ckEu524GDD https://www.scribd.com/document/346419905/Antivirus-Event-Analysis-CheatSheet-1-1 https://twitter.com/cyb3rops/status/856974315346153473 https://t.co/q7GhzFJPwu https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml# https://twitter.com/cyb3rops/status/856914391958245379 https://t.co/1YqB1FBc4e 
https://www.welivesecurity.com/2017/04/25/linux-shishiga-malware-using-lua-scripts/ https://twitter.com/cyb3rops/status/856605476787597312 https://t.co/hGIflH1RDe https://github.com/Neo23x0/Loki/releases/tag/0.20.0 https://twitter.com/cyb3rops/status/856597664556736514 https://t.co/hGIflH1RDe https://github.com/Neo23x0/Loki/releases/tag/0.20.0 https://twitter.com/cyb3rops/status/856566400600739840 https://twitter.com/cyb3rops/status/856559588291772416 https://twitter.com/cyb3rops/status/856534892229820416 https://twitter.com/cyb3rops/status/855861948306554880 https://t.co/ozv7dyPJaH https://github.com/THIBER-ORG/userline/blob/master/README.md https://twitter.com/cyb3rops/status/855744982455635968 https://twitter.com/cyb3rops/status/855724426670768129 https://twitter.com/cyb3rops/status/855473508914167808 https://t.co/zclFP6BJG3 https://arstechnica.com/security/2017/04/researchers-claim-china-trying-to-hack-south-korea-missile-defense-efforts/ https://twitter.com/cyb3rops/status/855473391117250562 https://t.co/0yIekY4XIc https://blog.cloudflare.com/aes-cbc-going-the-way-of-the-dodo/ https://twitter.com/cyb3rops/status/855098935324626944 https://t.co/vJMcAGsSoE https://zeltser.com/fileless-malware-beyond-buzzword/ https://twitter.com/cyb3rops/status/855097988854808576 https://t.co/SqBJhbkUA4 http://www.kitploit.com/2017/04/ad-ldap-enum-active-directory-ldap.html https://twitter.com/cyb3rops/status/855090958106587136 https://t.co/60UQENsZfg https://www.shellntel.com/blog/2017/2/8/how-to-build-a-8-gpu-password-cracker https://twitter.com/cyb3rops/status/854967502727774208 https://t.co/NOP6PFN0pn https://blog.didierstevens.com/2017/04/20/malicious-documents-the-matryoshka-edition/ https://twitter.com/cyb3rops/status/854959981287931904 https://t.co/PCLouOmbF3 https://isc.sans.edu/diary.html https://twitter.com/cyb3rops/status/854959536276373505 https://twitter.com/cyb3rops/status/854665288440217600 https://twitter.com/cyb3rops/status/854306031182196736 
https://t.co/rdCy0gdwFS https://www.google.de/search?q=inurl:hybrid-analysis.com+ransomware https://twitter.com/cyb3rops/status/854271433429704704 https://t.co/YcwhKifsGB http://seclist.us/powerstager-a-payload-stager-using-powershell.html https://twitter.com/cyb3rops/status/854241920935235584 https://t.co/q7GhzFJPwu https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml# https://twitter.com/cyb3rops/status/853991754886000640 https://twitter.com/cyb3rops/status/853982829528666112 https://twitter.com/cyb3rops/status/853970461700608000 https://twitter.com/cyb3rops/status/853945513456140288 https://twitter.com/cyb3rops/status/853937689191690240 https://twitter.com/cyb3rops/status/853934762624524289 https://twitter.com/cyb3rops/status/853923916741562368 https://t.co/weB2MCrfI9 https://t.co/znzNoSl8Hc https://github.com/Neo23x0/signature-base/commit/cfebd5ea39c636bbd39f23072bee9ebda8edf3fa https://docs.google.com/spreadsheets/d/1BuBiAimfOVTVx-a17yXANKVSED2rOkh0RJKSFm8l2ss/pubhtml https://twitter.com/cyb3rops/status/853896154874032129 https://t.co/qcfxYiBZcG https://twitter.com/simey/status/853432797159079942 https://twitter.com/cyb3rops/status/853894709101694976 https://twitter.com/cyb3rops/status/853547843717562369 https://t.co/QmUW0s2wWG https://github.com/Neo23x0/sigma/blob/master/rules/apt/apt_equationgroup_c2.yml https://twitter.com/cyb3rops/status/853345242376019969 https://t.co/KFHhoZLQvc https://t.co/cphjPTWR2h https://t.co/0mtqz7MyMu https://objective-see.com/products/knockknock.html http://www.soma-zone.com/LaunchControl/ https://www.obdev.at/products/littlesnitch/index.html https://twitter.com/cyb3rops/status/853001469234212868 https://t.co/AzNrw1aOTc https://medium.com/@msuiche/the-nsa-compromised-swift-network-50ec3000b195 https://twitter.com/cyb3rops/status/852866245661782017 https://t.co/leNY2r82bY https://labsblog.f-secure.com/2017/04/13/the-callisto-group/ https://twitter.com/cyb3rops/status/852621468475305985 
https://t.co/VagBwkiwGh http://blog.gdssecurity.com/labs/2017/4/13/vmware-vcenter-unauthenticated-rce-using-cve-2017-5638-apach.html https://twitter.com/cyb3rops/status/852300375063498752 https://t.co/nMT03lHx7o https://twitter.com/joe4security/status/852139196764565504 https://twitter.com/cyb3rops/status/852299807469309952 https://t.co/ec2ItUhNqF https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_mshta_spawn_shell.yml https://twitter.com/cyb3rops/status/852213155015118848 https://twitter.com/cyb3rops/status/852147736568709120 https://t.co/N1qiPCKmxm https://github.com/docbleach/DocBleach https://twitter.com/cyb3rops/status/852103249758998528 https://t.co/q7GhzFJPwu https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml# https://twitter.com/cyb3rops/status/851834203750756353 https://t.co/M88ExWoFMw https://securelist.com/blog/research/77990/unraveling-the-lamberts-toolkit/ https://twitter.com/cyb3rops/status/851832909384253442 https://t.co/goJg2bqf51 https://blog.netspi.com/getting-started-wmi-weaponization-part-3/ https://twitter.com/cyb3rops/status/851832546249887745 https://t.co/uSnnz4rPbW https://www.proofpoint.com/us/threat-insight/post/dridex-campaigns-millions-recipients-unpatched-microsoft-zero-day https://twitter.com/cyb3rops/status/851361235442565120 https://t.co/7zfKTg0gpG https://github.com/Neo23x0/sigma/blob/master/rules/windows/powershell/powershell_prompt_credentials.yml https://twitter.com/cyb3rops/status/851358396322283520 https://t.co/MYxTRNBYbj https://t.co/EeaO95fFxj http://www.misp-project.org/2017/03/26/MISP.2.4.70.released.html https://github.com/Neo23x0/sigma https://twitter.com/cyb3rops/status/851195922339987456 https://t.co/QUcG6xNWt6 https://github.com/Neo23x0/Loki/tree/master/tools https://twitter.com/cyb3rops/status/851188905575682048 https://t.co/ZaYU908cnQ https://t.co/IFVvzHQaWm https://github.com/Neo23x0/signature-base/blob/master/yara/apt_eqgrp_apr17.yar 
https://github.com/Neo23x0/sigma/blob/master/rules/apt/apt_equationgroup_lnx.yml https://twitter.com/cyb3rops/status/851121467278450688 https://twitter.com/cyb3rops/status/851007253020856321 https://twitter.com/cyb3rops/status/850751048071426049 https://twitter.com/cyb3rops/status/850739110637694976 https://t.co/x4uXgDJi65 https://medium.com/@shadowbrokerss/dont-forget-your-base-867d304a94b1 https://twitter.com/cyb3rops/status/850665767804776448 https://t.co/VVqnGnteb3 https://t.co/Qqg0sfmJEO https://github.com/Neo23x0/Loki https://github.com/Neo23x0/signature-base https://twitter.com/cyb3rops/status/850623758788374528 https://t.co/NPIGnu0t0W https://github.com/corkami/pics/tree/master/binary https://twitter.com/cyb3rops/status/850462917225009152 https://t.co/EeaO95fFxj https://github.com/Neo23x0/sigma https://twitter.com/cyb3rops/status/850318253088022532 https://twitter.com/cyb3rops/status/850302222369992704 https://t.co/Hlp449MevT https://github.com/polymorf/findcrypt-yara https://twitter.com/cyb3rops/status/850056332854120449 https://t.co/8na9OxbtH6 http://molo.ch https://twitter.com/cyb3rops/status/850055550578700289 https://t.co/uS3qtWCzQB https://blog.netspi.com/getting-started-wmi-weaponization-part-2/ https://twitter.com/cyb3rops/status/850055101632925696 https://t.co/umduzL7hWw https://blog.malwarebytes.com/threat-analysis/2017/04/diamond-fox-p2/amp/ https://twitter.com/cyb3rops/status/849986233023569922 https://t.co/ldDY7bR5kG https://www.fidelissecurity.com/TradeSecret https://twitter.com/cyb3rops/status/849912977541255168 https://t.co/3aAKS47p7N https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_bitsadmin_download.yml https://twitter.com/cyb3rops/status/849679273296363521 https://twitter.com/cyb3rops/status/849155352549634048 https://t.co/DUtY2EPJj4 https://securelist.com/blog/sas/77908/lazarus-under-the-hood/ https://twitter.com/cyb3rops/status/849139873177112580 https://twitter.com/cyb3rops/status/848909116160561152 
https://t.co/sxFsOXuB79 http://www.fireeye.com/blog/threat-research/2017/03/dissecting_one_ofap.html https://twitter.com/cyb3rops/status/848908952683327489 https://t.co/bDSg4KaxgD http://resources.infosecinstitute.com/targeting-wsus-server/ https://twitter.com/cyb3rops/status/848908030586630145 https://t.co/7T7jhfRBuv http://enigma0x3.net/2017/04/03/defeating-device-guard-a-look-into-cve-2017-0007 https://twitter.com/cyb3rops/status/848906507324452864 https://twitter.com/cyb3rops/status/848792668381609984 https://t.co/fNEKGpmQGR http://blog.jpcert.or.jp/2017/04/redleaves---malware-based-on-open-source-rat.html https://twitter.com/cyb3rops/status/848643974583775232 https://t.co/cad0PJjVen http://www.clearskysec.com/copykitten-jpost/ https://twitter.com/cyb3rops/status/848580881862332417 https://twitter.com/cyb3rops/status/848315176998797312 https://t.co/TLHsXyWDsp https://linux.huntingmalware.com/dashboard/ https://twitter.com/cyb3rops/status/848297900530651136 https://t.co/ZLnF3yI1aV https://cyberwardog.blogspot.de/2017/04/chronicles-of-threat-hunter-hunting-for.html?m=1 https://twitter.com/cyb3rops/status/848278814732021760 https://twitter.com/cyb3rops/status/848193603822342145 https://twitter.com/cyb3rops/status/848091309860679680 https://t.co/ihr8mJDrN1 https://t.co/vM8laHWT8w https://github.com/Neo23x0/sigma/blob/master/rules/apt/apt_apt29_tor.yml https://www.fireeye.com/blog/threat-research/2017/03/apt29_domain_frontin.html https://twitter.com/cyb3rops/status/847870380886962180 https://twitter.com/cyb3rops/status/847814258582847488 https://t.co/J00iFMBsAQ https://github.com/rapid7/metasploit-framework/pull/8166 https://twitter.com/cyb3rops/status/847337342704549889 https://t.co/WOXSUjGUlD https://blog.malwarebytes.com/cybercrime/2017/03/websites-compromised-decimal-ip-campaign/ https://twitter.com/cyb3rops/status/847160476387737600 https://twitter.com/cyb3rops/status/847021990582063104 https://t.co/1El0TQrISF 
http://blog.trendmicro.com/trendlabs-security-intelligence/cerber-starts-evading-machine-learning/ https://twitter.com/cyb3rops/status/847021627678318592 https://t.co/MYemjoKTZZ http://researchcenter.paloaltonetworks.com/2017/03/unit42-dimnie-hiding-plain-sight/ https://twitter.com/cyb3rops/status/847020801715003392 https://t.co/ghIRqws7NM https://www.helpnetsecurity.com/2017/03/28/apple-file-system-encryption/ https://twitter.com/cyb3rops/status/847019727511863300 https://t.co/hRyqPHZtLj https://securingtomorrow.mcafee.com/mcafee-labs/ransomware-families-use-nsis-installers-to-avoid-detection-analysis/ https://twitter.com/cyb3rops/status/847017759947083778 https://t.co/o3hkc1E60G http://blog.trendmicro.com/trendlabs-security-intelligence/iis-6-0-vulnerability-leads-code-execution/ https://twitter.com/cyb3rops/status/846382775997546498 https://t.co/JnyapMy0xJ https://t.co/fDl08Cigy2 https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_susp_certutil_decode.yml https://twitter.com/PayloadSecurity/status/846367635495378944 https://twitter.com/cyb3rops/status/846353910692503556 https://t.co/5bVQILmGuL https://github.com/Neo23x0/sigma/commit/707e5a948fec69afdec03c5ab33287adac0304d0 https://twitter.com/cyb3rops/status/846330217371197441 https://t.co/5yNmPMQoNP http://researchcenter.paloaltonetworks.com/2017/03/unit42-shamoon-2-delivering-disttrack/ https://twitter.com/cyb3rops/status/846297541117448192 https://t.co/SPSTmrT82V https://github.com/floyd-fuh/crass https://twitter.com/cyb3rops/status/846257619136380929 https://twitter.com/cyb3rops/status/846116887566188544 https://t.co/j2BU2u3LFC https://t.co/OH6rC0V2Ec https://technet.microsoft.com/en-us/windows-server-docs/identity/ad-ds/manage/component-updates/command-line-process-auditing https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_susp_process_creations.yml https://twitter.com/cyb3rops/status/845589531931922432 https://t.co/wBFuXw7Pjg 
http://www.threatgeek.com/2017/03/using-yara-for-intrusion-prevention.html https://twitter.com/cyb3rops/status/845542309253058560 https://t.co/IhrSD9o9ms https://augmentd.co/ https://twitter.com/cyb3rops/status/845311047200362496 https://twitter.com/cyb3rops/status/845309036249669632 https://t.co/5hcIcc7lMP https://wikileaks.org/vault7/darkmatter/ https://twitter.com/cyb3rops/status/845277281761267712 https://t.co/KAKz21o1Tu http://seclists.org/fulldisclosure/2017/Mar/60 https://twitter.com/cyb3rops/status/845226728666644480 https://t.co/uOVrWMjD3K https://blog.malwarebytes.com/cybercrime/social-engineering-cybercrime/2017/03/new-targeted-attack-saudi-arabia-government/ https://twitter.com/cyb3rops/status/845210129377230848 https://t.co/Z9Kp7QcgWy https://github.com/dstaulcu/TA-Sigma-Searches https://twitter.com/cyb3rops/status/844959477602406400 https://t.co/bk5zaJJdzG http://www.labofapenetrationtester.com/2017/03/using-sql-server-for-attacking-forest-trust.html https://twitter.com/cyb3rops/status/844958479907520518 https://t.co/Hj4sjYRSU3 http://blogs.cisco.com/security/talos/how-malformed-rtf-defeats-security-engines https://twitter.com/cyb3rops/status/844958301947342848 https://t.co/PNK2lLQKC1 http://www.fireeye.com/blog/threat-research/2017/03/wmimplant_a_wmi_ba.html https://twitter.com/cyb3rops/status/844957747531698176 https://t.co/4qzB5awzkE https://www.trustwave.com/Resources/SpiderLabs-Blog/Exploiting-Privilege-Escalation-in-Serv-U-by-SolarWinds/ https://twitter.com/cyb3rops/status/844827992924733441 https://t.co/KdkIJhcKdB https://github.com/jhallen/joes-sandbox/blob/master/editor-perf/readme.md https://twitter.com/cyb3rops/status/844827017077940225 https://t.co/kSpPilvuiW https://medium.com/@msuiche/cyber-security-thoughts-on-trumps-laptop-ban-1b75cd1c936e?source=rss-bac3a09af3b4------2 https://twitter.com/cyb3rops/status/844826423701364737 https://t.co/cO4sR34fYI 
http://blog.jpcert.or.jp/2017/03/malware-clustering-using-impfuzzy-and-network-analysis---impfuzzy-for-neo4j-.html https://twitter.com/cyb3rops/status/844636223033540610 https://t.co/DfAePJHn1N https://blog.domaintools.com/2017/03/hunt-case-study-hunting-campaign-indicators-on-privacy-protected-attack-infrastructure/ https://twitter.com/cyb3rops/status/844558516174147586 https://t.co/0cATWBLEZa http://blog.trendmicro.com/trendlabs-security-intelligence/winnti-abuses-github/ https://twitter.com/cyb3rops/status/844176656273211392 https://twitter.com/cyb3rops/status/844144437118881793 https://twitter.com/cyb3rops/status/844123262116401152 https://t.co/NJZ44TvxLK https://t.co/SsyliLosso https://t.co/mwKStgheV3 https://enigma0x3.net/2017/03/17/fileless-uac-bypass-using-sdclt-exe/ https://enigma0x3.net/2016/08/15/fileless-uac-bypass-using-eventvwr-exe-and-registry-hijacking/ https://github.com/Neo23x0/sigma/search?utf8=%E2%9C%93&q=uac+bypass&type=Code https://twitter.com/cyb3rops/status/844103891230900224 https://t.co/9opRNBqOJA http://blog.talosintelligence.com/2017/03/necurs-diversifies.html https://twitter.com/cyb3rops/status/844103338836869122 https://t.co/EcgKal2jcF https://t.co/l0lDZR7koQ http://GitHub.com https://github.com/blog/2338-sha-1-collision-detection-on-github-com https://twitter.com/cyb3rops/status/843927706001686532 https://t.co/eR0dCFOy6o http://www.clearskysec.com/iec/ https://twitter.com/cyb3rops/status/843918089666383872 https://t.co/mmDFfDZvzS https://arstechnica.com/security/2017/03/a-simple-command-allows-the-cia-to-commandeer-318-models-of-cisco-switches/ https://twitter.com/cyb3rops/status/843917870291738628 https://t.co/fiRc97CB2s https://community.hpe.com/t5/Security-Research/Struts2-046-A-new-vector/ba-p/6949723#.WNA2njykrYU https://twitter.com/cyb3rops/status/843804022087782401 https://t.co/owrrjcgzjk https://github.com/smxlabs/LAMMA-beta https://twitter.com/cyb3rops/status/843803469786075136 https://t.co/hikV4qPMFk 
http://www.deependresearch.org/2017/03/analysis-of-trumps-secret-server-story.html?m=1 https://twitter.com/cyb3rops/status/843186093734445056 https://t.co/PFnQRMvGnS https://pentest.blog/unexpected-journey-4-escaping-from-restricted-shell-and-gaining-root-access-to-solarwinds-log-event-manager-siem-product/ https://twitter.com/cyb3rops/status/843089216812847104 https://t.co/IirXy4HbJO https://github.com/Neo23x0/sigma/pull/14 https://twitter.com/cyb3rops/status/843030582426787840 https://t.co/QAcAWHHZ5r https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp https://twitter.com/cyb3rops/status/842781601633353733 https://t.co/VEdWfGntl5 https://twitter.com/cyb3rops/status/842618976618401792 https://twitter.com/cyb3rops/status/842662817375358976 https://t.co/va8Fw8Ak1I https://t.co/ulNli7i69L https://github.com/Neo23x0/sigma/blob/master/rules/windows/other/win_rare_schtask_creation.yml https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_rare_service_installs.yml https://twitter.com/cyb3rops/status/842618976618401792 https://t.co/VABxRPjKGO http://blog.0day.jp/p/english-report-of-fhappi-freehosting.html?m=1 https://twitter.com/cyb3rops/status/842488906025263104 https://t.co/kdBuyZn855 http://www.harmj0y.net/blog/redteaming/pass-the-hash-is-dead-long-live-localaccounttokenfilterpolicy/ https://twitter.com/cyb3rops/status/842437878521200641 https://t.co/ZVP6UiPQsr https://t.co/1nE9Wa7XZ1 https://www.carbonblack.com/2017/03/15/attackers-leverage-excel-powershell-dns-latest-non-malware-attack/ https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_susp_powershell_parent_combo.yml https://twitter.com/cyb3rops/status/842423586379956224 https://t.co/ZVP6UiPQsr https://www.carbonblack.com/2017/03/15/attackers-leverage-excel-powershell-dns-latest-non-malware-attack/ https://twitter.com/cyb3rops/status/842411603475738624 https://t.co/8BvqpLVxoe http://docs.graylog.org/en/2.2/pages/pipelines/rules.html 
https://twitter.com/cyb3rops/status/842409854924918785 https://t.co/Pnn94MXwlg https://github.com/Neo23x0/sigma/issues/11 https://twitter.com/cyb3rops/status/842363623267811329 https://t.co/T7k2MK2SIi http://researchcenter.paloaltonetworks.com/2017/03/unit42-nexuslogger-new-cloud-based-keylogger-enters-market/ https://twitter.com/cyb3rops/status/842116067145187328 https://t.co/Zl0OmX9m0x https://www.arbornetworks.com/blog/asert/acronym-m-is-for-malware/amp/ https://twitter.com/cyb3rops/status/842115080653266951 https://t.co/G5wHAjDVLa http://blog.checkpoint.com/2017/03/15/check-point-discloses-vulnerability-whatsapp-telegram/ https://twitter.com/cyb3rops/status/841924994108141568 https://t.co/dzXiATJ4Tw https://t.co/LBx1wMWfNc https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_susp_file_execution.yml https://twitter.com/certbund/status/841043099963019265 https://twitter.com/cyb3rops/status/841921961718628352 https://t.co/ZuwJKiJkbg https://malwr.com/ https://twitter.com/cyb3rops/status/841917806975279104 https://t.co/UIEvkYYIYz https://twitter.com/sans_isc/status/841915934143049728 https://twitter.com/cyb3rops/status/841765526758162432 https://t.co/ITIbymqSpO https://redmondmag.com/articles/2015/06/22/windows-server-2003-support.aspx https://twitter.com/cyb3rops/status/841691714192588803 https://t.co/8WbwrkyWL5 https://blog.malwarebytes.com/cybercrime/2017/03/not-phish-security-researcher-twitter/ https://twitter.com/cyb3rops/status/841688075319332868 https://t.co/a6ieWnXqF9 http://www.download3k.com/articles/How-to-Turn-Off-Windows-Defender-Permanently-in-Windows-10-01350 https://twitter.com/cyb3rops/status/841649274941243393 https://t.co/RgbLbY3vuP https://t.co/BohrYOxpq7 https://www.imperva.com/blog/2017/01/remote-code-execution-rce-attacks-apache-struts/ http://www.threatgeek.com/2017/03/widespread-exploitation-attempts-using-cve-2017-5638.html https://twitter.com/cyb3rops/status/841344903728791552 https://t.co/vFHItGKo80 
https://marketplace.visualstudio.com/items?itemName=dustinsanders.an-old-hope-theme-vscode https://twitter.com/cyb3rops/status/841325691815809025 https://t.co/g9vNqh4izX https://github.com/diogo-fernan/malsub https://twitter.com/cyb3rops/status/841324643197808640 https://twitter.com/cyb3rops/status/841302262307790850 https://t.co/bA5Ibmbx7E https://t.co/NSP1F5KdtU https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_powershell_network_connection.yml https://github.com/Neo23x0/sigma/blob/master/rules/proxy/proxy_powershell_ua.yml https://twitter.com/cyb3rops/status/841224519826198528 https://t.co/L8l98UODSq https://dfir.it/blog/2016/12/07/webshells-rise-of-the-defenders-part-4/ https://twitter.com/cyb3rops/status/840981942866698242 https://t.co/3AL1TJInfQ https://github.com/danielbohannon/Invoke-Obfuscation https://twitter.com/cyb3rops/status/840959409463414786 https://t.co/suJq8fh0Rn https://t.co/Tikc2tK49w https://github.com/Neo23x0/signature-base/blob/master/yara/gen_powershell_invocation.yar https://github.com/Neo23x0/sigma/blob/master/rules/windows/powershell/powershell_suspicious_invocation_generic.yml https://twitter.com/cyb3rops/status/840544746456137728 https://t.co/FqQTB74JMD https://mobile.nytimes.com/aponline/2017/03/11/technology/ap-us-tec-wikileaks-cia-tech-encryption.html?_r=0&referer= https://twitter.com/cyb3rops/status/840330782661042176 https://t.co/elWaRSjc8z https://blog.malwarebytes.com/threat-analysis/2017/03/exploit-kits-winter-2017-review/ https://twitter.com/cyb3rops/status/840324581055442944 https://t.co/ElcjAOl8Qf http://researchcenter.paloaltonetworks.com/2017/03/unit42-pulling-back-the-curtains-on-encodedcommand-powershell-attacks/ https://twitter.com/cyb3rops/status/839902412823474176 https://t.co/pctkdLm8XZ https://t.co/oWfSjKLSJf https://intrigue.io/ https://github.com/intrigueio/intrigue-core https://twitter.com/cyb3rops/status/839900864026460160 https://t.co/zOhQZhTWp3 
https://community.rapid7.com/community/infosec/blog/2017/03/09/apache-jakarta-vulnerability-attacks-in-the-wild https://twitter.com/cyb3rops/status/839900733155725313 https://t.co/NA9IIOENuZ http://www.fireeye.com/blog/threat-research/2017/03/using_the_registryt.html https://twitter.com/cyb3rops/status/839572075832553472 https://t.co/H0kGpy7lqP http://www.fireeye.com/blog/threat-research/2017/03/introduction_to_reve.html https://twitter.com/cyb3rops/status/839571962787684353 https://t.co/7v3vXs7fFk http://blog.erratasec.com/2017/03/a-note-about-false-flag-operations.html https://twitter.com/cyb3rops/status/839537435793113097 https://twitter.com/cyb3rops/status/839509025075179520 https://twitter.com/cyb3rops/status/839207792544198659 https://t.co/lL9eHNSye8 https://github.com/Neo23x0/signature-base/blob/master/yara/apt_stonedrill.yar https://twitter.com/cyb3rops/status/839187498240720901 https://twitter.com/cyb3rops/status/839122730356256769 https://twitter.com/cyb3rops/status/839042230451113984 https://t.co/9j89eMRZPj https://github.com/Neo23x0/sigma/blob/master/rules/apt/apt_stonedrill.yml https://twitter.com/cyb3rops/status/839004173677039617 https://t.co/RXOUDzO2SR http://seclist.us/bluewall-is-a-firewall-framework-designed-for-offensive-and-defensive-cyber-professionals.html https://twitter.com/cyb3rops/status/838524117766836224 https://t.co/u9Kf6OENMV https://github.com/SwiftOnSecurity/sysmon-config https://twitter.com/cyb3rops/status/838407913664307204 https://t.co/UaZ02cLqWL https://www.symantec.com/content/dam/symantec/docs/security-center/white-papers/increased-use-of-powershell-in-attacks-16-en.pdf https://twitter.com/cyb3rops/status/838190056179445761 https://t.co/1k5CX29qAk https://t.co/Hym8d6afFN https://adsecurity.org/?p=2921 https://github.com/Neo23x0/sigma/tree/master/rules/windows/powershell https://twitter.com/cyb3rops/status/838181152359874560 https://t.co/2580wGmpeM https://github.com/Neo23x0/sigma/pull/6/files 
https://twitter.com/cyb3rops/status/837963026024255488 https://t.co/4iwyT3qZQN https://t.co/VxUr0qOmEI https://twitter.com/JohnLaTwC/status/837743453039534080 https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_malware_verclsid_shellcode.yml https://twitter.com/cyb3rops/status/837570790149222400 https://t.co/aX74BSvF6i http://researchcenter.paloaltonetworks.com/2017/03/unit42-blank-slate-campaign-takes-advantage-hosting-providers-spread-ransomware/ https://twitter.com/cyb3rops/status/837570430290563072 https://t.co/IxR8RbGQmx http://malware.dontneedcoffee.com/2017/03/nebula-exploit-kit.html https://twitter.com/cyb3rops/status/837570063838425089 https://t.co/eDnVrw0lb5 http://blog.crysys.hu/2017/03/update-on-the-fancy-bear-android-malware-poprd30-apk/ https://twitter.com/cyb3rops/status/837569884510900225 https://t.co/bNqmGBOqh9 https://blog.didierstevens.com/2017/03/03/practice-ntds-dit-file-part-9-extracting-password-history-hashes/amp/ https://twitter.com/cyb3rops/status/837352533752496128 https://t.co/FjnwN37b80 http://blog.talosintelligence.com/2017/03/dnsmessenger.html?m=1 https://twitter.com/cyb3rops/status/837250084731506689 https://t.co/iUTRuP77fs https://twitter.com/cyb3rops/status/837249797304299520 https://twitter.com/cyb3rops/status/837249797304299520 https://t.co/9hd81lGfy7 https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_certutil_decode.yml https://twitter.com/cyb3rops/status/837243080612917248 https://t.co/nqIyblMb1n https://t.co/Fitb6tQLez https://www.hybrid-analysis.com/sample/465aabe132ccb949e75b8ab9c5bda36d80cf2fd503d52b8bad54e295f28bbc21?environmentId=100 https://github.com/Neo23x0/sigma/commit/b6459a00ab8d6431be1e4c9f105806acf9f972f4 https://twitter.com/cyb3rops/status/837214897561829377 https://t.co/TrHVPte59p https://code.visualstudio.com/updates/v1_10 https://twitter.com/cyb3rops/status/837180675014942720 https://t.co/n4mZJ02zDG https://github.com/google/mtail 
https://twitter.com/cyb3rops/status/836978839343542274 https://t.co/EeaO95fFxj https://github.com/Neo23x0/sigma https://twitter.com/cyb3rops/status/836852029481955328 https://t.co/ARQ1aST8Xk https://t.co/XSZlG9BmSO https://github.com/codingo/Ransomware-Resources https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml https://twitter.com/cyb3rops/status/836838894448558081 https://t.co/sVTHvSokxM http://researchcenter.paloaltonetworks.com/2017/02/unit-42-title-gamaredon-group-toolset-evolution/ https://twitter.com/cyb3rops/status/836675004163063809 https://t.co/zcj67KXLuG http://blog.trendmicro.com/trendlabs-security-intelligence/ratankba-watering-holes-against-enterprises/ https://twitter.com/cyb3rops/status/836580862443532288 https://twitter.com/cyb3rops/status/836570073779273728 https://t.co/7z9PQxSkEA https://isc.sans.edu/diary/Analysis+of+a+Simple+PHP+Backdoor/22127 https://twitter.com/cyb3rops/status/836559334272339979 https://t.co/eDyPXH3tiO https://www.cylance.com/en_us/blog/the-deception-project-a-new-japanese-centric-threat.html https://twitter.com/cyb3rops/status/836145122941288448 https://t.co/P989GJgfPw https://news.ycombinator.com/item?id=13741746 https://twitter.com/cyb3rops/status/835788870260252672 https://t.co/z4VrYfjPn4 https://www.engadget.com/2017/02/24/security-error-leaves-ny-airport-servers-unprotected-for-a-year/ https://twitter.com/cyb3rops/status/835784791199002624 https://t.co/Gh3rtRIgqp https://plus.google.com/+LinusTorvalds/posts/7tp2gYWQugL https://twitter.com/cyb3rops/status/835195619048312833 https://t.co/H9QxmeGaIN http://seclist.us/magic-unicorn-attack-vector-v2-5-1-powershell-downgrade-attack-and-exploitation-tool.html https://twitter.com/cyb3rops/status/835195476433592321 https://t.co/ELpM0Cwmeq http://seclist.us/ajpfuzzer-a-command-line-fuzzer-for-apache-jserv-protocols.html https://twitter.com/cyb3rops/status/835195411933638656 https://t.co/ehoiYqmDLc 
http://seclist.us/stalker-threat-intel-and-incident-response.html https://twitter.com/cyb3rops/status/835179705938620416 https://t.co/8dDbijGrCH https://securityintelligence.com/cybersecurity-regulations-get-demanding/ https://twitter.com/cyb3rops/status/834785937188085760 https://t.co/oYy4Wj0Erj https://www.fireeye.com/blog/threat-research/2016/02/greater_visibilityt.html https://twitter.com/cyb3rops/status/834293133605273601 https://t.co/IZWAIxYEP0 https://www.arbornetworks.com/blog/asert/additional-insights-shamoon2/ https://twitter.com/cyb3rops/status/834292632872419329 https://t.co/ixm9rkcu3B https://security.googleblog.com/2017/02/another-option-for-file-sharing.html?m=1 https://twitter.com/cyb3rops/status/834292147318902784 https://t.co/ZSJqmxnQB3 https://github.com/Netflix/stethoscope https://twitter.com/cyb3rops/status/833951803939160064 https://t.co/4kaUFimkSF http://seclist.us/opensvp-v0-5-firewall-and-application-layer-gateway-testing-tool.html https://twitter.com/cyb3rops/status/833951616927690752 https://t.co/GWmf6senjm https://conorpp.com//designing-a-credit-card-emulator-card https://twitter.com/cyb3rops/status/833725440426647552 https://t.co/72ezVmPeDN http://baesystemsai.blogspot.de/2017/02/lazarus-false-flag-malware.html?m=1 https://twitter.com/cyb3rops/status/833724252079665156 https://t.co/hLQGkP28CH http://www.darkoperator.com/blog/2017/2/17/posh-sysmon-powershell-module-for-creating-sysmon-configuration-files https://twitter.com/cyb3rops/status/833723147220303874 https://t.co/Egh7J3g5mJ https://www.govcert.admin.ch/blog/28/the-rise-of-dridex-and-the-role-of-esps https://twitter.com/cyb3rops/status/833718791553085441 https://t.co/Dn4V8NUy9p http://resources.infosecinstitute.com/past-present-iran-linked-cyber-espionage-operations/ https://twitter.com/cyb3rops/status/833354634735534081 https://t.co/RrB7KL08uh https://github.com/SirCmpwn/evilpass https://twitter.com/cyb3rops/status/833224140916133888 https://t.co/f65ZEKzIsG 
https://t.co/9bSSfsMEYy https://technet.microsoft.com/en-us/sysinternals/sysmon https://1drv.ms/p/s!AubxkJFptCbQlhvLwkUygf1dSeaM https://twitter.com/cyb3rops/status/832879324067983360 https://t.co/OXQYt5HLrS https://www.nsslabs.com/company/news/press-releases/nss-labs-announces-advanced-endpoint-protection-group-test-results/ https://twitter.com/cyb3rops/status/832878917656727552 https://twitter.com/cyb3rops/status/832745507390889984 https://t.co/2x8zmOxmUS https://blog.lookout.com/blog/2017/02/16/viperrat-mobile-apt/ https://twitter.com/cyb3rops/status/832682805574275073 https://t.co/u01QEbpBxz https://twitter.com/searchguard/status/832528578499715072 https://twitter.com/cyb3rops/status/832676909884465152 https://t.co/Qqg0sfEkwm https://github.com/Neo23x0/signature-base https://twitter.com/cyb3rops/status/832658954186551296 https://t.co/ERHE5Qjjxr http://blog.obdev.at/gatekeeper-and-little-snitch-rules/ https://twitter.com/cyb3rops/status/832631104356114432 https://t.co/vXw0UVgpWP http://researchcenter.paloaltonetworks.com/2017/02/unit42-menupass-returns-new-malware-new-attacks-japanese-academics-organizations/ https://twitter.com/cyb3rops/status/832607034143039488 https://t.co/xMl3wJpN8j https://www.youtube.com/watch?v=Lvb0KS50ypI&t=22s https://twitter.com/cyb3rops/status/832520333072748546 https://twitter.com/cyb3rops/status/832511703942365184 https://t.co/c1Q0k3WNZd http://researchcenter.paloaltonetworks.com/2017/02/unit42-magic-hound-campaign-attacks-saudi-targets/ https://twitter.com/cyb3rops/status/832508095230255104 https://twitter.com/cyb3rops/status/832281487282171904 https://t.co/EqpDy8KMEM https://github.com/threema-ch/threema-web https://twitter.com/cyb3rops/status/832277957100072966 https://t.co/RZCQvjZEEU https://www.schneier.com/blog/archives/2017/02/duqu_malware_te.html https://twitter.com/cyb3rops/status/832178090549899264 https://t.co/rT7xV6a2qH https://twitter.com/IvreRocks/status/832144993137483776 
https://twitter.com/cyb3rops/status/832116945176629248 https://twitter.com/cyb3rops/status/831975887277023239 https://t.co/qD6yHnNB5i https://medium.freecodecamp.com/ill-never-bring-my-phone-on-an-international-flight-again-neither-should-you-e9289cde0e5f#.na5ljcmh8 https://twitter.com/cyb3rops/status/831794122826608641 https://twitter.com/cyb3rops/status/831768666182123525 https://t.co/9bSSfsMEYy https://1drv.ms/p/s!AubxkJFptCbQlhvLwkUygf1dSeaM https://twitter.com/cyb3rops/status/831763530802139136 https://t.co/rEIdFG8IuI https://arstechnica.com/security/2017/02/new-aslr-busting-javascript-is-about-to-make-drive-by-exploits-much-nastier/ https://twitter.com/cyb3rops/status/831541378438070272 https://t.co/0c3nTJv2n3 http://maltego.blogspot.com/2017/02/maltego-4015-is-here.html https://twitter.com/cyb3rops/status/831540387005206528 https://t.co/ccYstjjzdq http://htmlreference.io/ https://twitter.com/cyb3rops/status/831538547379359747 https://t.co/FIQX1t69DR https://labs.bitdefender.com/2017/02/new-xagent-mac-malware-linked-with-the-apt28/ https://twitter.com/cyb3rops/status/831537876009615361 https://t.co/GosbXJOjdK https://blog.netspi.com/attacking-javascript-web-service-proxies-burp/ https://twitter.com/cyb3rops/status/831506625643032576 https://t.co/OnYdieCLQX https://blog.netspi.com/breaking-out-of-applications-deployed-via-terminal-services-citrix-and-kiosks/ https://twitter.com/cyb3rops/status/831141422774497281 https://twitter.com/cyb3rops/status/830858906188599296 https://twitter.com/cyb3rops/status/830830981003218944 https://t.co/EXZjj1Ch4V https://github.com/Neo23x0/signature-base/blob/master/yara/apt_grizzlybear_uscert.yar https://twitter.com/cyb3rops/status/830736364899540993 https://twitter.com/cyb3rops/status/830727166799314944 https://twitter.com/cyb3rops/status/830725132427616257 https://twitter.com/cyb3rops/status/830724907159998467 https://twitter.com/cyb3rops/status/830680326070493185 https://twitter.com/cyb3rops/status/830582587529842688 
https://t.co/FIkoLE6QBK https://github.com/Neo23x0/Loki/blob/master/tools/vt-checker.py https://twitter.com/cyb3rops/status/830508363737870337 https://t.co/CAQ9K0E8Ph https://github.com/artkond/Invoke-Vnc https://twitter.com/cyb3rops/status/830506825619533824 https://twitter.com/cyb3rops/status/830422614376058882 https://twitter.com/cyb3rops/status/830376392487555072 https://t.co/EXZjj1Ch4V https://t.co/MsCVJOa03l https://github.com/Neo23x0/signature-base/blob/master/yara/apt_grizzlybear_uscert.yar https://www.us-cert.gov/ncas/current-activity/2017/02/10/Enhanced-Analysis-GRIZZLY-STEPPE https://twitter.com/cyb3rops/status/830344268724260864 https://t.co/MsCVJOa03l https://www.us-cert.gov/ncas/current-activity/2017/02/10/Enhanced-Analysis-GRIZZLY-STEPPE https://twitter.com/cyb3rops/status/830026643443945475 https://t.co/0o8KbXY7US https://cysinfo.com/cyber-attack-targeting-indian-navys-submarine-warship-manufacturer/ https://twitter.com/cyb3rops/status/829825269754187776 https://t.co/CfjSF5JN2Y https://www.vanimpe.eu/2017/02/09/hack-polish-financial-supervision-authority-polish-banks/ https://twitter.com/cyb3rops/status/829766103396147205 https://t.co/1riHPbOfTF https://blog.cylance.com/shell-crew-variants-continue-to-fly-under-big-avs-radar https://twitter.com/cyb3rops/status/829706472019877888 https://t.co/19hxnx0u4z http://d3plus.org/ https://twitter.com/cyb3rops/status/829604458002784262 https://t.co/Oh2gswr6o7 https://github.com/Netflix/hubcommander https://twitter.com/cyb3rops/status/829603367752187906 https://t.co/CCngfrN0xN https://github.com/nathanlopez/Stitch https://twitter.com/cyb3rops/status/829406956284682240 https://t.co/VLXfITpHPr https://twitter.com/Jabra/status/828718295658401792 https://twitter.com/cyb3rops/status/829364528055984128 https://t.co/BXAzoetw69 https://blogs.forcepoint.com/security-labs/curious-case-reconnaissance-campaign-targeting-ministry-and-embassy-sites https://twitter.com/cyb3rops/status/828882239253520384 
https://t.co/0kjiVbjMtS https://github.com/RamadhanAmizudin/python-icap-yara https://twitter.com/cyb3rops/status/828643889980522497 https://twitter.com/cyb3rops/status/828605609708752897 https://t.co/mCZkaKVECl http://blog.trendmicro.com/trendlabs-security-intelligence/lurk-retracing-five-year-campaign/ https://twitter.com/cyb3rops/status/828581308792176646 https://t.co/reiifDeavF https://urlscan.io/ https://twitter.com/cyb3rops/status/828566320341991424 https://t.co/BwEZiPnFuQ https://github.com/Neo23x0/yarGen/releases/tag/0.17.0 https://twitter.com/cyb3rops/status/828539288031784960 https://t.co/YhdXDzZ1vJ https://twitter.com/x0rz/status/828501778035572736 https://twitter.com/cyb3rops/status/828285361931550722 https://t.co/V3SgWI7HiI http://seclist.us/shootback-a-reverse-tcp-tunnel-let-you-access-target-behind-nat-or-firewall.html https://twitter.com/cyb3rops/status/828247361516339200 https://t.co/FCTTNEHXeE https://github.com/Neo23x0/yarGen/commits/master https://twitter.com/cyb3rops/status/828202503359647745 https://t.co/YqxwhcGTNx https://github.com/asciimoo/wuzz/ https://twitter.com/cyb3rops/status/828003961823191041 https://t.co/NXpVZJcQc8 https://github.com/Kevin-Robertson/Tater https://twitter.com/cyb3rops/status/827958296439091200 https://t.co/PPWeWBiBny https://techcrunch.com/2017/02/04/google-told-to-hand-over-foreign-emails-in-fbi-search-warrant-ruling/amp/ https://twitter.com/cyb3rops/status/827817652823404544 https://t.co/NMHhCSHroy https://twitter.com/M_haggis/status/827691417128493056 https://twitter.com/cyb3rops/status/827579643897188353 https://t.co/u0ZUuF9mWP https://isc.sans.edu/diary/Windows%2BSMBv3%2BDenial%2Bof%2BService%2BProof%2Bof%2BConcept%2B%280%2BDay%2BExploit%29/22029 https://twitter.com/cyb3rops/status/827560080757374977 https://t.co/cEoUClwmwc https://twitter.com/m3g9tr0n/status/827541564549427200 https://twitter.com/cyb3rops/status/827501739049902081 https://t.co/4p0BZxfnoF 
https://www.proofpoint.com/us/threat-insight/post/APT-targets-russia-belarus-zerot-plugx https://twitter.com/cyb3rops/status/827419116940189698 https://t.co/nFbaBuk93t https://securingtomorrow.mcafee.com/mcafee-labs/analyzing-cve-2016-9311-ntpd-vulnerability-can-lead-denial-service/ https://twitter.com/cyb3rops/status/827299784302137346 https://t.co/6KBWbQDTQ7 https://securelist.com/blog/research/77429/kopiluwak-a-new-javascript-payload-from-turla/ https://twitter.com/cyb3rops/status/827298279507496960 https://t.co/CQS4861UIy http://blog.checkpoint.com/2017/02/02/sql-slammer-comeback/ https://twitter.com/cyb3rops/status/827214113092800515 https://twitter.com/cyb3rops/status/827211211079086080 https://t.co/4nTiyJjEiE https://www.justwatch.com/blog/post/announcing-gopass/ https://twitter.com/cyb3rops/status/827073353232109569 https://t.co/wKsasWW0qQ https://securityriskadvisors.com/blog/post/detecting-in-memory-mimikatz/ https://twitter.com/cyb3rops/status/827057150149193728 https://t.co/Tkwwph5nQ0 https://www.nccgroup.trust/globalassets/our-research/uk/technical-advisories/2017/cve-2017-3241-java-rmi-registrybind-unvalidated-deserializationpdf/ https://twitter.com/cyb3rops/status/826385372573790209 https://t.co/xyB8nnNfyp http://researchcenter.paloaltonetworks.com/2017/01/unit42-downeks-and-quasar-rat-used-in-recent-targeted-attacks-against-governments/ https://twitter.com/cyb3rops/status/826384801284386816 https://t.co/HNRhHV5uiU https://github.com/mandatoryprogrammer/JudasDNS https://twitter.com/cyb3rops/status/826384397066784768 https://t.co/oCxwc8RaXJ http://seclist.us/socketfuzz-simple-socket-fuzzer.html https://twitter.com/cyb3rops/status/826379590088216576 https://t.co/6tpCNzXROp https://tracker.debian.org/news/836691 https://twitter.com/cyb3rops/status/826377331044388865 https://twitter.com/cyb3rops/status/826167294124515330 https://t.co/BDv7NwOuoW 
https://arstechnica.com/security/2017/01/dc-police-surveillance-cameras-were-infected-with-ransomware-before-inauguration/ https://twitter.com/cyb3rops/status/826166560947576832 https://t.co/HwSTWwKdKW https://github.com/x0rz/tweets_analyzer https://twitter.com/cyb3rops/status/826114107648667649 https://t.co/XH4i6F5now http://www.darknet.org.uk/2017/01/barnyard2-dedicated-spooler-for-snort-output/ https://twitter.com/cyb3rops/status/826112811264798720 https://t.co/xc0lbTdnFp http://blog.jpcert.or.jp/2017/01/anti-analysis-t-24b9.html https://twitter.com/cyb3rops/status/826036589663027200 https://t.co/kI1UReuIGZ https://t.co/e7uA9SieeN https://www.virustotal.com/en/file/269756062bcfcdcaeb1bc56d998daf30ebdd48cc3b92f731ed65952883a5c416/analysis/1485387847/ https://www.hybrid-analysis.com/sample/269756062bcfcdcaeb1bc56d998daf30ebdd48cc3b92f731ed65952883a5c416?environmentId=100 https://twitter.com/cyb3rops/status/825640950693261313 https://t.co/Pi9i7Lpv5g https://securingtomorrow.mcafee.com/mcafee-labs/spotlight-on-shamoon/ https://twitter.com/cyb3rops/status/825469761131790342 https://t.co/CjCJcITjjx http://blog.talosintel.com/2017/01/matryoshka-doll.html?m=1 https://twitter.com/cyb3rops/status/824719074995404801 https://t.co/Tx1BQYNjTY https://blog.malwarebytes.com/cybercrime/2017/01/zbot-with-legitimate-applications-on-board/ https://twitter.com/cyb3rops/status/824718823123275780 https://t.co/FQR6GpjQMp https://arstechnica.com/security/2017/01/site-that-sold-access-to-3-1-billion-passwords-vanishes-after-reported-raid/ https://twitter.com/cyb3rops/status/824714085891764225 https://t.co/AfRwRFwXgx https://mobile.nytimes.com/2017/01/25/world/europe/sergei-mikhailov-russian-cybercrimes-agent-arrested.html?_r=0&referer= https://twitter.com/cyb3rops/status/824708485170556934 https://t.co/K1lKC125NP https://t.co/sbhgB4N9vN https://github.com/Neo23x0/signature-base/blob/master/yara/apt_greenbug.yar 
https://www.symantec.com/connect/blogs/greenbug-cyberespionage-group-targeting-middle-east-possible-links-shamoon https://twitter.com/cyb3rops/status/824682270934138880 https://t.co/wUW8r7DjUO http://siren.solutions/kibi https://twitter.com/cyb3rops/status/824592628712931328 https://t.co/xKrIWmsIB5 https://github.com/EgeBalci/EGESPLOIT https://twitter.com/cyb3rops/status/824583504314925056 https://t.co/PMNHQUEtd8 https://docs.microsoft.com/en-us/azure/security/security-azure-log-integration-get-started https://twitter.com/cyb3rops/status/824578148272594944 https://t.co/nPFlXxmJRm https://www.the-little-things.net/blog/2013/10/18/active-directory-audit-report-with-powershell/ https://twitter.com/cyb3rops/status/824557922717995008 https://t.co/ff7nk2Yqg2 https://github.com/cosmo0920/homebrew-mingw_w64 https://twitter.com/cyb3rops/status/824412608883200000 https://twitter.com/cyb3rops/status/824318674635001856 https://t.co/1twuhHbmVn http://blogs.cfr.org/cyber/2017/01/23/the-continued-importance-of-the-u-s-china-cyber-dialogue/ https://twitter.com/cyb3rops/status/824270533630062594 https://t.co/sbhgB4N9vN https://www.symantec.com/connect/blogs/greenbug-cyberespionage-group-targeting-middle-east-possible-links-shamoon https://twitter.com/cyb3rops/status/824034696984199168 https://t.co/SUoR6DK5P1 https://www.winehq.org/announce/2.0 https://twitter.com/cyb3rops/status/823996768299925507 https://t.co/njxKsteGnJ https://github.com/google/glazier/blob/master/README.md https://twitter.com/cyb3rops/status/823842460879167488 https://t.co/MMTMrHvirH https://keepassxreboot.github.io/ https://twitter.com/cyb3rops/status/823839967931695104 https://twitter.com/cyb3rops/status/823651175081897984 https://t.co/nURHfE0wYi http://blogs.cisco.com/security/talos/bbpg-image-decoding-code-execution https://twitter.com/cyb3rops/status/823623738440773633 https://t.co/umxn9rUQnq https://github.com/enddo/awesome-windows-exploitation https://twitter.com/cyb3rops/status/823623539727171586 
https://t.co/9EBRlLwVxI https://enigma0x3.net/2017/01/23/lateral-movement-via-dcom-round-2/ https://twitter.com/cyb3rops/status/822859119086436352 https://t.co/AARMcQWTZp https://t.co/RlpSydAWUj https://github.com/NytroRST/NetRipper https://twitter.com/opexxx/status/822794937452347392 https://twitter.com/cyb3rops/status/822842257543991296 https://t.co/jo0VXiYZ3v https://techcrunch.com/2017/01/20/security-researchers-call-for-guardian-to-retract-false-whatsapp-backdoor-story/ https://twitter.com/cyb3rops/status/822841947509444608 https://t.co/x2GZfdbkJI http://www.hexacorn.com/blog/2017/01/21/this-is-not-an-exe-this-is-not-a-dll-this-is-a-windows-app/ https://twitter.com/cyb3rops/status/822841658614091776 https://t.co/Vu1UYT4IX9 https://lavabit.com/?reloaded https://twitter.com/cyb3rops/status/822841397900410880 https://t.co/EJvIPoT1UF http://www.austintaylor.io/suricata/elasticsearch/logstash/continuous/monitoring/intrusion/detection/system/2016/12/17/build-a-world-class-monitoring-system-enterprise-small-office-home/ https://twitter.com/cyb3rops/status/822551758329278465 https://t.co/4ITHcg7Evw http://www.darknet.org.uk/2017/01/icmpsh-simple-icmp-reverse-shell/ https://twitter.com/cyb3rops/status/822551670051717120 https://t.co/PmJYNcfBz7 http://blogs.cisco.com/security/talos/adobe-reader-jpeg-vuln https://twitter.com/cyb3rops/status/822551298478407680 https://t.co/ib68wggoGC http://blog.fortinet.com/2017/01/20/linux-gafgyt-b-tr-exploits-netcore-vulnerability https://twitter.com/cyb3rops/status/822355983976591360 https://t.co/NdSfJeRuk6 https://www.trustwave.com/Resources/SpiderLabs-Blog/Operation-Grand-Mars--a-comprehensive-profile-of-Carbanak-activity-in-2016/17/ https://twitter.com/cyb3rops/status/822083677840609280 https://t.co/egbueDLGWr https://research.trust.salesforce.com/Meraki-RCE-When-Red-Team-and-Vulnerability-Research-fell-in-love.-Part-1/ https://twitter.com/cyb3rops/status/822081316871094272 https://t.co/9WivJ9jzfi 
https://cysinfo.com/uri-terror-attack-spear-phishing-emails-targeting-indian-embassies-and-indian-mea/ https://twitter.com/cyb3rops/status/821844261725470721 https://t.co/homqBoY2PX https://www.theatlantic.com/politics/archive/2017/01/a-parting-blow-against-privacy/513026/ https://twitter.com/cyb3rops/status/821830859674288128 https://t.co/kouPpVzWKn http://www.threatgeek.com/2017/01/open-hadoop-installs-wiped-worldwide.html https://twitter.com/cyb3rops/status/821829787480166405 https://t.co/oNumFBFVif http://blog.trendmicro.com/trendlabs-security-intelligence/uncovering-inner-workings-eyepyramid/ https://twitter.com/cyb3rops/status/821463519442956288 https://t.co/homqBoY2PX https://www.theatlantic.com/politics/archive/2017/01/a-parting-blow-against-privacy/513026/ https://twitter.com/cyb3rops/status/821419531478437889 https://t.co/lRVMhi2CVL http://blog.airbuscybersecurity.com/post/2017/01/Multiple-Vulnerabilities-in-Citrix-Provisioning-Services https://twitter.com/cyb3rops/status/821268873202778112 https://t.co/4tmYhd40RE http://www.darknet.org.uk/2017/01/zgrab-an-application-layer-scanner-for-zmap/ https://twitter.com/cyb3rops/status/821268160745787392 https://t.co/lZptM8n8KL http://researchcenter.paloaltonetworks.com/2017/01/unit42-second-wave-shamoon-2-attacks-reveal-possible-new-tactic/ https://twitter.com/cyb3rops/status/820770024306700289 https://t.co/PtkxsUbiE2 https://github.com/lateralblast/lunar https://twitter.com/cyb3rops/status/820768855777804288 https://t.co/giMhYN3EJ1 https://www.dsinternals.com/en/impersonating-office-365-users-mimikatz/ https://twitter.com/cyb3rops/status/820560989305311236 https://twitter.com/cyb3rops/status/820340640710017029 https://t.co/X5YbNGRI6w https://github.com/Neo23x0/signature-base/blob/master/yara/apt_eqgrp.yar#L1217 https://twitter.com/cyb3rops/status/820050299083718656 https://t.co/iBDLAHy2ND https://bit.no.com:43110/theshadowbrokers.bit/post/messagefinale/ https://twitter.com/cyb3rops/status/819910175939239938 
https://twitter.com/cyb3rops/status/819909093284581378 https://twitter.com/cyb3rops/status/819846599606239233 https://t.co/ne41HDH3If https://t.co/ZlCNchrILh https://security.googleblog.com/2017/01/security-through-transparency.html https://github.com/google/key-transparency/ https://twitter.com/cyb3rops/status/819661241316769793 https://t.co/N3Rl0MzYB3 https://github.com/gentilkiwi/mimikatz/blob/master/kiwi_passwords.yar#L45 https://twitter.com/cyb3rops/status/819654139936473094 https://t.co/aoA4TptWw1 https://www.virustotal.com/en/file/412efa09d71223208f3d24a661b8539d98aad6b61157707e865e288a96cda806/analysis/ https://twitter.com/cyb3rops/status/819477035546460161 https://t.co/iin7l5UOcq http://arstechnica.com/security/2017/01/the-new-normal-yet-another-hacker-caused-power-outage-hits-ukraine/ https://twitter.com/cyb3rops/status/819476654041006080 https://t.co/rPJhBoDzCN http://www.fireeye.com/blog/threat-research/2017/01/new_ploutus_variant.html https://twitter.com/cyb3rops/status/819476035351801857 https://t.co/nN6EUB6BHG http://blog.trendmicro.com/trendlabs-security-intelligence/eye-storm-look-eyepyramid-malware-supposedly-used-high-profile-hacks-italy/ https://twitter.com/cyb3rops/status/819251282531774464 https://twitter.com/cyb3rops/status/819250936921128967 https://t.co/s8ibaT0ZWo https://mobile.twitter.com/cyb3rops/status/763337020429271040 https://twitter.com/cyb3rops/status/819250200854331394 https://t.co/OFcRxyDuHp http://www.zerohedge.com/news/2017-01-11/archived-posts-prove-4chan-trolled-cia-trump-golden-shower-story-entire-russian-hack https://twitter.com/cyb3rops/status/818855087556743168 https://t.co/18bHsegs21 https://twitter.com/0rbz_/status/818843283506024449 https://twitter.com/cyb3rops/status/818767641485672449 https://t.co/WA5IVuN4HH https://github.com/dxa4481/truffleHog https://twitter.com/cyb3rops/status/818765960844820480 https://t.co/nxBda2Q1KP https://github.com/Neo23x0/signature-base/blob/master/yara/apt_fvey_shadowbroker_jan17.yar 
https://twitter.com/cyb3rops/status/818751163604566017 https://t.co/RqjGQwZAoO http://m.washingtontimes.com/news/2016/jul/12/obama-admin-sent-taxpayer-money-oust-netanyahu/ https://twitter.com/cyb3rops/status/818574332708454401 https://t.co/wiNHJLTOot http://malwarejake.blogspot.com/2017/01/more-finds-from-shadow-brokers-dump.html https://twitter.com/cyb3rops/status/818373620250636288 https://t.co/kgTo6p6h8t http://arstechnica.co.uk/security/2017/01/more-than-10000-online-databases-taken-hostage-by-ransomware-attackers/ https://twitter.com/cyb3rops/status/818372123228012544 https://t.co/Y3xb1wTRmx http://cyberprobe.sourceforge.net/ https://twitter.com/cyb3rops/status/817753646066728960 https://t.co/aNbesoQxE1 https://github.com/kovidgoyal/kitty https://twitter.com/cyb3rops/status/817658863843495937 https://twitter.com/cyb3rops/status/817300946413846529 https://t.co/8TXxZBSz2c http://www.clearskysec.com/oilrig/ https://twitter.com/cyb3rops/status/817284148436013056 https://t.co/a5Vd0mZhCa https://twitter.com/enigma0x3/status/817106698670379009 https://twitter.com/cyb3rops/status/817149800089063429 https://t.co/l4ApfhPS4V https://twitter.com/AliWatkins/status/817134139581329408 https://twitter.com/cyb3rops/status/817063658811518976 https://t.co/BrOhtlQmOt http://digital-forensics.sans.org/blog/2017/01/04/critiques-of-the-dhsfbis-grizzly-steppe-report https://twitter.com/cyb3rops/status/817063319345528833 https://t.co/ifGXzYdVWg http://www.welivesecurity.com/2017/01/05/killdisk-now-targeting-linux-demands-250k-ransom-cant-decrypt/ https://twitter.com/cyb3rops/status/817056817503203329 https://twitter.com/cyb3rops/status/817055853534736385 https://t.co/O5EyDTkNFI https://eugene.kaspersky.com/2016/05/27/darwinism-in-it-security-pt-3-time-to-deal-with-these-no-good-parasites/ https://twitter.com/cyb3rops/status/817048582008242176 https://twitter.com/cyb3rops/status/817009477903941633 https://t.co/j3F56HXMDF http://spacevim.org/ 
https://twitter.com/cyb3rops/status/817008963430547457 https://t.co/oxbqZ6GInx http://seclist.us/hexinject-v1-6-hexadecimal-and-raw-packet-injector-and-sniffer.html https://twitter.com/cyb3rops/status/817008872875499521 https://t.co/I9SmxC5Dx6 https://stratechery.com/2017/amazons-operating-system/ https://twitter.com/cyb3rops/status/816932250482786304 https://t.co/2etP25r4xA https://www.youtube.com/watch?v=fGlYf7UPTM4 https://twitter.com/cyb3rops/status/816735158955102214 https://t.co/XAejJcGUtY https://github.com/glv2/bruteforce-luks/blob/master/README https://twitter.com/cyb3rops/status/816635439671083008 https://t.co/u0vs9Zyrye https://www.youtube.com/watch?v=vDhcqua3_W8 https://twitter.com/cyb3rops/status/816633335803969537 https://twitter.com/cyb3rops/status/816215044035907584 https://t.co/bfIboo7u3j http://www.forbes.com/sites/kalevleetaru/2017/01/01/fake-news-and-how-the-washington-post-rewrote-its-story-on-russian-hacking-of-the-power-grid/amp/ https://twitter.com/cyb3rops/status/815509804064063488 https://t.co/uwyPM1HeBI https://theintercept.com/2016/12/31/russia-hysteria-infects-washpost-again-false-story-about-hacking-u-s-electric-grid/ https://twitter.com/cyb3rops/status/815189515904176128 https://twitter.com/cyb3rops/status/814997066564956160 https://t.co/UMlL3QBRme https://www.littleflocker.com/ https://twitter.com/cyb3rops/status/814987055709167617 https://t.co/cV57ZkBGMk http://arstechnica.com/security/2016/12/did-russia-tamper-with-the-2016-election-bitter-debate-likely-to-rage-on/?amp=1 https://twitter.com/cyb3rops/status/814900140771254273 https://t.co/9MiqW2jeyl http://blog.erratasec.com/2016/12/some-notes-on-iocs.html https://twitter.com/cyb3rops/status/814898972628283392 https://t.co/5ncQjJOy7N http://blog.trendmicro.com/trendlabs-security-intelligence/recent-spam-runs-in-germany-show-how-threats-intend-to-stay-in-the-game/ https://twitter.com/cyb3rops/status/814825128244760576 https://t.co/4Onbysn8FN https://github.com/hillu/idapro-debian 
https://twitter.com/cyb3rops/status/814769499555659776 https://t.co/hdvm3Vk4po https://t.co/E86rcWIxUt https://github.com/Neo23x0/signature-base/blob/master/yara/apt_apt29_grizzly_steppe.yar http://pastebin.com/gxq0FMsU https://twitter.com/cyb3rops/status/814570103509581826 https://t.co/6Fk3CzXVPo https://www.bsk-consulting.de/category/yara/ https://twitter.com/cyb3rops/status/814548879953817605 https://twitter.com/cyb3rops/status/814398976380301312 https://twitter.com/cyb3rops/status/814397145046515712 https://t.co/irmz7xNPPl http://blog.trendmicro.com/trendlabs-security-intelligence/updated-sundown-exploit-kit-uses-steganography/ https://twitter.com/cyb3rops/status/814396190292901888 https://t.co/jAXgap0mtN https://media.ccc.de/v/33c3-8062-a_look_into_the_mobile_messaging_black_box https://twitter.com/cyb3rops/status/814286145777504256 https://t.co/zloe7ikazi https://twitter.com/brompwnie/status/805651504019476480 https://twitter.com/cyb3rops/status/814151243560026112 https://t.co/cClwU95Koq http://mobile.reuters.com/article/idUSKBN14B1PC https://twitter.com/cyb3rops/status/814072208268152833 https://t.co/rEJdzBuLhI https://t.co/RQXD6l8vU3 https://github.com/o3ma/o3 https://github.com/o3ma/o3rest https://twitter.com/cyb3rops/status/813904282651136000 https://twitter.com/cyb3rops/status/813833075130073088 https://t.co/vQInPd7jpI http://privacy-pc.com/articles/ransomware-chronicle.html https://twitter.com/cyb3rops/status/813828845820399616 https://twitter.com/cyb3rops/status/813819830042234881 https://t.co/kobc7loUiF https://github.com/virustotal/yara/releases/tag/v3.5.0 https://twitter.com/cyb3rops/status/813752246664101888 https://twitter.com/cyb3rops/status/813741075198312448 https://t.co/37ylctd0bl https://www.youtube.com/watch?v=kysQCatKfkw https://twitter.com/cyb3rops/status/813707855320776704 https://t.co/vK0Ebx4Waw https://labsblog.f-secure.com/2016/12/21/whats-the-deal-with-digital-forensics-incident-response-and-attribution/ 
https://twitter.com/cyb3rops/status/813323546604740608 https://t.co/BW7JvEqVTn https://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10033-Vuln.html https://twitter.com/cyb3rops/status/813140450609655808 https://t.co/wmdkuM8F4o https://www.trustedsec.com/december-2016/wire-messenger-new-competitor-signal/ https://twitter.com/cyb3rops/status/813140164138635264 https://t.co/LG2nBcjFT0 http://seclist.us/pyjenkinstoolkit-is-a-jenkins-penetration-test-toolkit.html https://twitter.com/cyb3rops/status/813139793655853056 https://t.co/qKVXMQd0ic https://blog.torproject.org/blog/tor-heart-tahoe-lafs https://twitter.com/cyb3rops/status/812454054760738820 https://t.co/pYLi9JxiBw http://nim4.github.io/DBShield/ https://twitter.com/cyb3rops/status/812382500290957312 https://t.co/mDoFExQXVc https://www.redpill-linpro.com/sysadvent/2016/12/19/raspberry-pi-honeynet.html https://twitter.com/cyb3rops/status/812200321510469636 https://twitter.com/cyb3rops/status/812046880561565696 https://t.co/90N4SnvoD4 https://eng.uber.com/custom-email-ids/ https://twitter.com/cyb3rops/status/811928125215019008 https://t.co/YtutVcDsHd https://securelist.com/blog/research/76954/is-mirai-really-as-black-as-its-being-painted/ https://twitter.com/cyb3rops/status/811719214956498948 https://t.co/xrF7RQur5t http://www.welivesecurity.com/2016/12/20/new-linuxrakos-threat-devices-servers-ssh-scan/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+eset%2Fblog+%28ESET+Blog%3A+We+Live+Security%29 https://twitter.com/cyb3rops/status/811705428103069696 https://t.co/apNnv9lC14 https://github.com/devongovett/regexgen/blob/master/README.md https://twitter.com/cyb3rops/status/811609460858830849 https://twitter.com/cyb3rops/status/810768215244730368 https://t.co/sL1slhcBXc http://www.darknet.org.uk/2016/12/powershellarsenal-powershell-reverse-engineering/ https://twitter.com/cyb3rops/status/810446599679832064 https://t.co/Pf5voxFI5l https://t.co/oC65NKhY4W https://t.co/CUv5B5MvYl 
https://www.myhackerhouse.com/merry-haxmas-shadowbrokers-strike-again/ https://github.com/Neo23x0/signature-base/blob/master/yara/apt_fvey_shadowbroker_dec16.yar https://github.com/Neo23x0/signature-base/blob/master/iocs/filename-iocs.txt#L1764 https://twitter.com/cyb3rops/status/810154247450988544 https://t.co/lYZMvWaeJj http://blog.fortinet.com/2016/12/16/malicious-macro-bypasses-uac-to-elevate-privilege-for-fareit-malware https://twitter.com/cyb3rops/status/810152666143854592 https://t.co/aefoAAJgGp http://blog.frizk.net/2016/12/filevault-password-retrieval.html https://twitter.com/cyb3rops/status/810151983466369024 https://t.co/Z09nPJVDGj http://blog.jpcert.or.jp/2016/12/a-new-tool-to-d-d6bc.html https://twitter.com/cyb3rops/status/810139194874011648 https://twitter.com/cyb3rops/status/810127590757462017 https://twitter.com/cyb3rops/status/810102491824226304 https://twitter.com/cyb3rops/status/810060679382179840 https://twitter.com/cyb3rops/status/810049686002429952 https://twitter.com/cyb3rops/status/809705627262001152 https://t.co/6YxGXGrEOs http://www.morphick.com/resources/lab-blog/mikey-linux-keylogger https://twitter.com/cyb3rops/status/809668075092115456 https://t.co/0IU3blvGp7 https://www.proofpoint.com/us/threat-insight/post/home-routers-under-attack-malvertising-windows-android-devices https://twitter.com/cyb3rops/status/809667486522232833 https://t.co/r70OvH14tf https://legalhackers.com/advisories/Nagios-Exploit-Root-PrivEsc-CVE-2016-9566.html https://twitter.com/cyb3rops/status/809662749865340928 https://twitter.com/cyb3rops/status/809654943485480960 https://t.co/spU749rUuU https://www.debian.org/security/2016/dsa-3733 https://twitter.com/cyb3rops/status/809434649076305920 https://twitter.com/cyb3rops/status/809414070902423552 https://twitter.com/cyb3rops/status/809323633374064640 https://t.co/d7q4kV1H99 https://github.com/johndekroon/serializekiller https://twitter.com/cyb3rops/status/809307909314281472 https://t.co/xhmWOF2eWX 
https://diracdeltas.github.io/blog/surveillance/ https://twitter.com/cyb3rops/status/809307614047780864 https://t.co/MOfNKLRmBm http://blog.hackersonlineclub.com/2016/12/yahoo-discloses-another-hack-over-1.html https://twitter.com/cyb3rops/status/809174567562473472 https://t.co/OT6gDsxKnv https://t.co/Opl4wOgjWn https://github.com/tylabs/quicksand_lite https://quicksand.io/ https://twitter.com/cyb3rops/status/809157465069748224 https://t.co/wt6Tu2nhr5 https://t.co/TvI2GLj5DK https://github.com/decalage2/ViperMonkey https://twitter.com/decalage2/status/809153361635377152 https://twitter.com/cyb3rops/status/809142584258007041 https://t.co/3fMxDeJCo8 https://blog.torproject.org/blog/tor-heart-tor-messenger https://twitter.com/cyb3rops/status/809142192673619968 https://t.co/KrbCO33owE https://www.helpnetsecurity.com/2016/12/14/crypto-backdoors-bad-idea/ https://twitter.com/cyb3rops/status/809141815563665409 https://t.co/6cXIBtOlym http://blog.trendmicro.com/trendlabs-security-intelligence/home-routers-mitigating-attacks-that-turn-them-to-zombies/ https://twitter.com/cyb3rops/status/809141099398856708 https://t.co/sCFRpjMV00 http://googleprojectzero.blogspot.com/2016/12/chrome-os-exploit-one-byte-overflow-and.html https://twitter.com/cyb3rops/status/809137208603082752 https://t.co/RlvNVGqxca https://www.snellman.net/blog/archive/2016-12-13-ring-buffers/ https://twitter.com/cyb3rops/status/809044800980844548 https://t.co/ET2CLv37aT https://t.co/7wwlAKCY9Z https://gist.github.com/Neo23x0/a4b4af9481e01e749409 https://gist.github.com/Neo23x0/f56bea38d95040b70cf5 https://twitter.com/cyb3rops/status/808990264249450496 https://t.co/FutvyW8x8x https://github.com/thomaspatzke/logstash-linux/blob/master/README.md https://twitter.com/cyb3rops/status/808814290652250117 https://t.co/8EqAhU45WV http://www.welivesecurity.com/2016/12/13/rise-telebots-analyzing-disruptive-killdisk-attacks/ https://twitter.com/cyb3rops/status/808813096206745600 https://t.co/gUFLdGKQN6 
https://krebsonsecurity.com/2016/12/operation-tarpit-targets-customers-of-online-attack-for-hire-services/ https://twitter.com/cyb3rops/status/808812560401174528 https://t.co/ky1kL1DHqG https://blog.malwarebytes.com/cybercrime/2016/12/ransomware-tries-its-hand-at-being-a-deadly-viral-meme/ https://twitter.com/cyb3rops/status/808811713889992704 https://t.co/w3AvZawxFH http://www.harmj0y.net/blog/powershell/make-powerview-great-again/ https://twitter.com/cyb3rops/status/808710345728593920 https://twitter.com/cyb3rops/status/808447185817894912 https://t.co/4sTRV5WRex http://godbolt.org https://twitter.com/cyb3rops/status/807942020316721152 https://t.co/RgwvNMd09y https://www.naftaliharris.com/blog/why-making-python-2.8/ https://twitter.com/cyb3rops/status/807940363096903680 https://t.co/jxcvFtE6A9 http://seclist.us/cloakify-hide-data-exfiltrating-infiltration-in-plain-sight.html https://twitter.com/cyb3rops/status/807658567327158272 https://t.co/Z3AY7xkPw3 http://arstechnica.com/security/2016/12/op-ed-im-giving-up-on-pgp/ https://twitter.com/cyb3rops/status/807540661184565249 https://twitter.com/cyb3rops/status/807539420580741120 https://t.co/xVvw0NoEcU https://twitter.com/j3ssgarcia/status/807524748888514560 https://twitter.com/cyb3rops/status/807533329461415936 https://t.co/6oAEmUyffY https://technet.microsoft.com/en-us/library/dd772626(v=ws.10).aspx https://twitter.com/cyb3rops/status/807529204254408705 https://twitter.com/cyb3rops/status/807383000354848768 https://t.co/VVqnGnteb3 https://github.com/Neo23x0/Loki https://twitter.com/cyb3rops/status/807337551560314884 https://t.co/Cp2eKN1HZl http://fredkschott.com/post/2013/05/introducing-covim-real-time-collaboration-for-vim/ https://twitter.com/cyb3rops/status/807320056187199489 https://t.co/dDETwQKWvc https://github.com/Neo23x0/yarAnalyzer https://twitter.com/cyb3rops/status/807222324114182144 https://t.co/vrXMR7viL2 http://blog.robertelder.org/don-libes-expect-unix-automation-tool/ 
https://twitter.com/cyb3rops/status/807221355208994816 https://t.co/sqnti492Ku http://seclists.org/fulldisclosure/2016/Dec/30 https://twitter.com/cyb3rops/status/807192663787192320 https://t.co/i0gmNStUhe https://myonlinesecurity.co.uk/spoofed-aquaid-card-receipt-malspm-delivers-locky-osiris/ https://twitter.com/cyb3rops/status/806630426722844672 https://t.co/gcFNfLZrOp https://twitter.com/angealbertini/status/801444359262654468 https://twitter.com/cyb3rops/status/806555928229199872 https://t.co/dvLKAKxY6h http://pastebin.com/XB9nw4Xe https://twitter.com/cyb3rops/status/806536280137957377 https://t.co/ZOrUCXOewK http://m.slashdot.org/story/319693 https://twitter.com/cyb3rops/status/806536075120443392 https://t.co/kc5VO1fkOY https://community.rapid7.com/community/metasploit/blog/2016/12/07/metasploitable3-capture-the-flags-competition https://twitter.com/cyb3rops/status/806535771293360128 https://t.co/prR9ClOT6H https://github.com/shirkdog/pulledpork https://twitter.com/cyb3rops/status/806533619099586565 https://t.co/flwdK83nzo https://github.com/simeji/jid/blob/master/README.md https://twitter.com/cyb3rops/status/806414147672018944 https://twitter.com/cyb3rops/status/806173720272375808 https://t.co/poFxxYGjzv https://t.co/9UChj0SbYw https://github.com/Neo23x0/signature-base/blob/master/yara/crime_goldeneye.yar http://pastebin.com/6KS9syNz https://twitter.com/cyb3rops/status/806168981757427712 https://t.co/V8flxSfrdA https://t.co/lbufanGXpK https://github.com/ThreatHuntingProject/ThreatHunting/tree/master/hunts http://www.threathunting.net/ https://twitter.com/cyb3rops/status/805321194195079169 https://t.co/lCeto9yhZN https://github.com/matrix-ac/LAF https://twitter.com/cyb3rops/status/805076249446117377 https://t.co/eZ6P0jK7vR https://github.com/dflemstr/rq https://twitter.com/cyb3rops/status/804768549105442817 https://t.co/8ROH57W59g https://github.com/joxeankoret/cosa-nostra https://twitter.com/cyb3rops/status/804759917412446208 https://t.co/UwMjIMgd4K 
https://github.com/appbaseio/gem https://twitter.com/cyb3rops/status/804757734952464384 https://t.co/CYfHFTN8zf http://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild/ https://twitter.com/cyb3rops/status/804756670677217280 https://t.co/K20MP6C6D4 https://securityintelligence.com/detect-endpoint-threats-by-analyzing-process-logs-in-qradar/ https://twitter.com/cyb3rops/status/804720413314052096 https://t.co/Vg4jOZXNxR http://arstechnica.com/gadgets/2016/12/usb-killer-fries-devices/?amp=1 https://twitter.com/cyb3rops/status/804600438658043904 https://t.co/UwnWTs2tFz https://github.com/google/oss-fuzz/blob/master/README.md https://twitter.com/cyb3rops/status/804486512050130944 https://t.co/o67QuVVqwH https://github.com/Neo23x0/signature-base/blob/master/yara/apt_shamoon2.yar https://twitter.com/cyb3rops/status/804236851041239044 https://t.co/Lpt2rbMv1W http://researchcenter.paloaltonetworks.com/2016/11/unit42-shamoon-2-return-disttrack-wiper/ https://twitter.com/cyb3rops/status/804236304162680832 https://t.co/djp9vQl1m9 https://github.com/gbonacini/CVE-2016-5195 https://twitter.com/cyb3rops/status/804235796924481536 https://t.co/7MGOXa4HWK http://www.fireeye.com/blog/threat-research/2016/11/fireeye_respondsto.html https://twitter.com/cyb3rops/status/804232952968253441 https://twitter.com/cyb3rops/status/804224463353081856 https://t.co/3bd4wKZzW7 https://www.google.de/amp/s/www.rt.com/document/583f2058c36188522d8b456a/amp?client=safari https://twitter.com/cyb3rops/status/804035794033868800 https://t.co/OxKueHr1t2 https://gchq.github.io/CyberChef/ https://twitter.com/cyb3rops/status/803954796466151424 https://t.co/pGAyifXLWX http://blog.netlab.360.com/a-few-observations-of-the-new-mirai-variant-on-port-7547/ https://twitter.com/cyb3rops/status/803931203007086592 https://t.co/P7evaaVNSF https://cysinfo.com/malware-actors-using-nic-cyber-security-themed-spear-phishing-target-indian-government-organizations/ 
https://twitter.com/cyb3rops/status/803929360369668096 https://twitter.com/cyb3rops/status/803925022217830400 https://t.co/lKOuSi8RWw https://youtu.be/DdkLY99HgAA https://twitter.com/cyb3rops/status/803862883817914368 https://twitter.com/cyb3rops/status/803861812827590656 https://twitter.com/cyb3rops/status/803739671205445633 https://twitter.com/cyb3rops/status/803737774591504384 https://t.co/6BMgsxV0b6 https://community.rapid7.com/community/infosec/blog/2016/11/29/on-the-recent-dsl-modem-vulnerabilities https://twitter.com/cyb3rops/status/803735986643447808 https://t.co/oE571BH8X3 https://devicereversing.wordpress.com/ https://twitter.com/cyb3rops/status/803665086049124356 https://t.co/DbvZTn0DvL http://ianduffy.ie/blog/2016/11/26/azure-bug-bounty-pwning-red-hat-enterprise-linux/ https://twitter.com/cyb3rops/status/803576627854618624 https://t.co/oE571BH8X3 https://devicereversing.wordpress.com/ https://twitter.com/cyb3rops/status/803540847434338304 https://t.co/YPr1q4g4xD https://www.shodan.io/search?query=rompager+port%3A7547+country%3Ade https://twitter.com/cyb3rops/status/803517744910135297 https://t.co/j6JJxBHNC3 https://github.com/hslatman/awesome-threat-intelligence/ https://twitter.com/cyb3rops/status/803280601780551683 https://t.co/r0gv9TIpiy http://www.sfexaminer.com/alleged-muni-hacker-demands-73000-ransom-computers-stations-restored/ https://twitter.com/cyb3rops/status/803263754087624704 https://t.co/CwqKDhjdxi https://t.co/T1DZmwEZr3 https://t.co/499XFi3o9D https://devicereversing.wordpress.com/2016/11/07/eirs-d1000-modem-is-wide-open-to-being-hacked/ https://isc.sans.edu/diary.html?storyid=21759&rss https://www.shodan.io/search?query=rompager+port%3A7547+country%3Aie https://twitter.com/cyb3rops/status/803254086820888576 https://t.co/T1DZmwEZr3 https://isc.sans.edu/diary.html?storyid=21759&rss https://twitter.com/cyb3rops/status/803201388792705024 https://t.co/s1gg0fCIiu http://blog.airbuscybersecurity.com/post/2016/11/Analysing-the-Hancitor-Maldoc 
https://twitter.com/cyb3rops/status/803177009723674625 https://t.co/x4P2b0UKCc http://wu.krelay.de/en/ https://twitter.com/cyb3rops/status/802939751623958529 https://t.co/aiKc6hjyLe https://www.brokenbrowser.com/abusing-of-protocols/ https://twitter.com/cyb3rops/status/802894726600990720 https://t.co/Wm1LOCK4yP https://github.com/xdavidhu/mitmAP https://twitter.com/cyb3rops/status/802894362585821184 https://t.co/TprF3PsWsv https://projects.lukehaas.me/regexhub/ https://twitter.com/cyb3rops/status/802515779124072449 https://twitter.com/cyb3rops/status/802514100072890368 https://twitter.com/cyb3rops/status/802123966919876610 https://t.co/h6KPw1JdCG https://github.com/gentilkiwi/mimikatz/issues/16 https://twitter.com/cyb3rops/status/802115996198834176 https://t.co/KT3F66nEkw https://adsecurity.org/?p=1515#DetectingForgedKerberosTickets https://twitter.com/cyb3rops/status/802092197915017216 https://t.co/0mtqz7MyMu https://www.obdev.at/products/littlesnitch/index.html https://twitter.com/cyb3rops/status/802001072093073408 https://t.co/RY0Fv9MISi https://isc.sans.edu/diary/Extracting%2BShellcode%2BFrom%2BJavaScript/21753 https://twitter.com/cyb3rops/status/802000674032590848 https://t.co/FJuowLBGFQ http://blog.fortinet.com:443/2016/11/23/analysis-of-openssl-chacha20-poly1305-heap-buffer-overflow-cve-2016-7054 https://twitter.com/cyb3rops/status/801786871307243521 https://t.co/k682K1Hova https://docs.google.com/spreadsheets/d/1H9_xaxQHpWaa4O_Son4Gx0YOIzlcBWMsdvePFX68EKU/ https://twitter.com/cyb3rops/status/801493176192208896 https://t.co/MNDjE30vmX https://securelist.com/blog/research/76717/inpage-zero-day-exploit-used-to-attack-financial-institutions-in-asia/ https://twitter.com/cyb3rops/status/801492333262995456 https://t.co/0oQsBarazV https://blog.gdatasoftware.com/2016/11/29325-analysis-ursnif-spying-on-your-data-since-2007 https://twitter.com/cyb3rops/status/801417211147653122 https://t.co/yVZ4HUbJxp https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet 
https://twitter.com/cyb3rops/status/801357413886685185 https://t.co/SL20vic5jA http://researchcenter.paloaltonetworks.com/2016/11/unit42-tropic-trooper-targets-taiwanese-government-and-fossil-fuel-provider-with-poison-ivy/ https://twitter.com/cyb3rops/status/801176158729474048 https://t.co/v8YN7aM5or https://t.co/jjiY1CXDBn https://t.co/GdI9xuahQV http://oogle.com http://google.com http://www.analyticsedge.com/2016/11/heres-a-secret-%C9%A2oogle-com-is-not-google-com/ https://twitter.com/cyb3rops/status/801173632814747648 https://t.co/Rk9MF4iL1i https://slack.engineering/syscall-auditing-at-scale-e6a3ca8ac1b8#.tq9r8pgp3 https://twitter.com/cyb3rops/status/801172851751456768 https://t.co/bOoWC3KV2q https://blog.malwarebytes.com/threat-analysis/social-engineering-threat-analysis/2016/11/an-overview-of-malvertising-on-the-mac/amp/ https://twitter.com/cyb3rops/status/801172448087404544 https://t.co/KMtkYzpMG1 https://www.zscaler.com/blogs/research/look-recent-stampado-ransomware-variant https://twitter.com/cyb3rops/status/801171990274936832 https://t.co/pmIKstHgDY http://blog.talosintel.com/2016/11/fareit-spam-mht.html https://twitter.com/cyb3rops/status/801171759126843392 https://t.co/kJgaBBa7Nr https://motherboard.vice.com/read/your-government-wants-to-militarize-social-media-to-influence-your-beliefs https://twitter.com/cyb3rops/status/800589490989346816 https://t.co/vPvQeWRSnw http://seclist.us/mithoren-is-an-extensible-platform-for-wireless-peripheral-keystroke-sniffing-for-microcomputers.html https://twitter.com/cyb3rops/status/800389560291258368 https://t.co/34EgSUsoAo https://eugene.kaspersky.com/2016/11/15/finally-our-own-os-oh-yes/ https://twitter.com/cyb3rops/status/800076036071247874 https://t.co/nkuKQ9G7rf https://twitter.com/commixproject/status/799116000763514880 https://twitter.com/cyb3rops/status/799691337293402112 https://t.co/ImvoRvWqHv 
http://arstechnica.com/security/2016/11/powerful-backdoorrootkit-found-preinstalled-on-3-million-android-phones/?amp=1 https://twitter.com/cyb3rops/status/799592755186036736 https://t.co/02dyOhn3m6 http://www.macrumors.com/2016/11/17/system-integrity-protection-disabled-macbook-pro/ https://twitter.com/cyb3rops/status/799532213201240064 https://t.co/ndhUIJXI4y http://arstechnica.com/information-technology/2016/11/spacex-plans-worldwide-satellite-internet-with-low-latency-gigabit-speed/ https://twitter.com/cyb3rops/status/799388200535924736 https://t.co/j4dJbrQg4y https://blog.mozilla.org/blog/2016/11/17/introducing-firefox-focus-a-free-fast-and-easy-to-use-private-browser-for-ios/ https://twitter.com/cyb3rops/status/799294604935892992 https://t.co/7wwd71e5Gt https://github.com/samyk/poisontap https://twitter.com/cyb3rops/status/799263325746040832 https://t.co/HRvn4mm5S9 https://github.com/lgandx/Responder-Windows https://twitter.com/cyb3rops/status/799157818121134080 https://t.co/x5FjWuz6vu https://techanarchy.net/2016/11/volutility-version-1-0-release/ https://twitter.com/cyb3rops/status/798985644886413312 https://t.co/HGnzjXO5YD https://blog.torproject.org/blog/mission-improbable-hardening-android-security-and-privacy https://twitter.com/cyb3rops/status/798843285250768897 https://t.co/eHkWBVzR6X https://hg.mozilla.org/mozilla-central/file/054d4856cea6/toolkit/components/downloads/ApplicationReputation.cpp#l399 https://twitter.com/cyb3rops/status/798798814291210240 https://t.co/D2TADQ7sSr http://seclist.us/yodo-local-privilege-escalation-poc.html https://twitter.com/cyb3rops/status/798597109154840576 https://t.co/CkXhLGzFjU https://www.youtube.com/watch?v=zfy5dFhw3ik https://twitter.com/cyb3rops/status/798582941085552640 https://t.co/ooJDv68vG8 http://soltra.com/en/articles/soltra-wind-down/ https://twitter.com/cyb3rops/status/798572841549660161 https://t.co/GTY28sgp6y http://hmarco.org/bugs/CVE-2016-4484/CVE-2016-4484_cryptsetup_initrd_shell.html 
https://twitter.com/cyb3rops/status/798441612514914304 https://t.co/Mlv7RQX2uM https://technet.microsoft.com/windows-server-docs/identity/ad-ds/manage/component-updates/command-line-process-auditing https://twitter.com/cyb3rops/status/798261700436852736 https://t.co/U0Fgugh22x https://www.nomoreransom.org/decryption-tools.html https://twitter.com/cyb3rops/status/798258333752979457 https://t.co/Ywy3ZZXFqv http://arstechnica.com/information-technology/2016/11/microsoft-is-going-to-pretend-to-release-visual-studio-for-mac/ https://twitter.com/cyb3rops/status/798257657635368961 https://t.co/UjoMV7aAPJ https://articles.forensicfocus.com/2016/11/14/forensic-implications-of-ios-lockdown-pairing-records/ https://twitter.com/cyb3rops/status/798232142669025280 https://t.co/8vz2Xma9Tq http://arstechnica.com/security/2016/11/new-attack-reportedly-lets-1-modest-laptop-knock-big-servers-offline/ https://twitter.com/cyb3rops/status/798096686258077696 https://t.co/NgA4tW70h7 https://github.com/Hack-with-Github/Awesome-Hacking/blob/master/README.md https://twitter.com/cyb3rops/status/797838201440321536 https://t.co/LVvxvWzW4r https://securelist.com/blog/research/76396/windows-zero-day-exploit-used-in-targeted-attacks-by-fruityarmor-apt/ https://twitter.com/cyb3rops/status/797837761915088897 https://t.co/VOK3hYcyJK https://securelist.com/blog/research/76433/inside-the-gootkit-cc-server/ https://twitter.com/cyb3rops/status/797820032785022976 https://t.co/BtUwLufdrY https://www.alienvault.com/blogs/labs-research/operation-blockbuster-unveils-the-actors-behind-the-sony-attacks https://twitter.com/cyb3rops/status/797724867667914752 https://t.co/K40JJwnwTT https://eugene.kaspersky.com/2016/11/10/thats-it-ive-had-enough/ https://twitter.com/cyb3rops/status/797410656785993728 https://t.co/bP5r6nOeWp https://github.com/rootkovska/codehash.db/ https://twitter.com/cyb3rops/status/797387723392905217 https://t.co/qbX8r87Gw7 
https://www.trustwave.com/Resources/SpiderLabs-Blog/OWASP-Core-Rule-Set-3-0-0-(Final)-release/ https://twitter.com/cyb3rops/status/797236136422862849 https://t.co/aSw43TT4c3 https://twitter.com/m3g9tr0n/status/797029752750084096 https://twitter.com/cyb3rops/status/797113093272829955 https://t.co/fI3qQzdSQK http://seclist.us/wepwnise-is-a-proof-of-concept-python-script-for-generates-independent-vba-code-to-inject-ms-office-documents.html https://twitter.com/cyb3rops/status/797013780513361920 https://t.co/ftjUXofehM https://otx.alienvault.com/pulse/5824721d2655cf5200846071/ https://twitter.com/cyb3rops/status/797010773537157122 https://t.co/T9JjbybYBn https://www.volexity.com/blog/2016/11/09/powerduke-post-election-spear-phishing-campaigns-targeting-think-tanks-and-ngos/ https://twitter.com/cyb3rops/status/796979901928734720 https://t.co/iQU6yTJpa8 http://securityaffairs.co/wordpress/53295/malware/telecrypt-ransomware.html https://twitter.com/cyb3rops/status/796821475202310145 https://t.co/nlBSOzPdlT https://blog.malwarebytes.com/threat-analysis/2016/11/floki-bot-and-the-stealthy-dropper/ https://twitter.com/cyb3rops/status/796502603320492032 https://t.co/cptjMdW9yE https://blog.malwarebytes.com/cybercrime/exploits/2016/11/exploit-kits-fall-2016-review/amp/ https://twitter.com/cyb3rops/status/796457157470420992 https://t.co/m8lgfKt0pH https://www.fireeye.com/blog/threat-research/2016/11/extending_linux_exec.html https://twitter.com/cyb3rops/status/796455823312621568 https://t.co/yhlOuLc348 http://blog.trendmicro.com/trendlabs-security-intelligence/pawn-storm-ramps-up-spear-phishing-before-zero-days-get-patched/ https://twitter.com/cyb3rops/status/796449196924661760 https://t.co/aKrHnNPluO https://www.helpnetsecurity.com/2016/11/09/pawn-storm-windows-zero-day-patch/ https://twitter.com/cyb3rops/status/796447535766315008 https://t.co/IRqbvIAiUJ http://www.darknet.org.uk/2016/11/signal-messaging-app-formal-audit-results-are-good/ 
https://twitter.com/cyb3rops/status/795975307555696640 https://twitter.com/cyb3rops/status/795972058832314368 https://twitter.com/cyb3rops/status/795918139775156224 https://t.co/JLarSrtQzm https://docs.google.com/spreadsheets/d/1H9_xaxQHpWaa4O_Son4Gx0YOIzlcBWMsdvePFX68EKU/pubhtml https://twitter.com/cyb3rops/status/795895854683000832 https://t.co/Cg5xA4VDQJ http://arstechnica.com/security/2016/11/fix-for-critical-android-rooting-bug-is-a-no-show-in-november-patch-release/ https://twitter.com/cyb3rops/status/795685641807925248 https://t.co/EH5xYndPX5 http://seclist.us/vlany-is-a-ld_preload-rootkit-for-x86_64-i686-and-arm-architectures.html https://twitter.com/cyb3rops/status/795685408197713920 https://t.co/hBHgsBJmpf http://arstechnica.com/security/2016/11/tesco-bank-online-fraudsters-attack-40000-current-accounts/ https://twitter.com/cyb3rops/status/795662172865097728 https://t.co/pL1qCVjs1s https://github.com/CERT-BDF/TheHive https://twitter.com/cyb3rops/status/795324660351168512 https://t.co/24dO0IkBxV https://isc.sans.edu/diary/Hancitor%2BMaldoc%2BBypasses%2BApplication%2BWhitelisting/21683 https://twitter.com/cyb3rops/status/795193204949786624 https://t.co/R7jN0LHVIP https://github.com/Neo23x0/signature-base/blob/master/yara/gen_empire.yar https://twitter.com/cyb3rops/status/795189687333830657 https://t.co/xO0EE7MYTA http://www.kahusecurity.com/2016/wild-wild-west-112016/ https://twitter.com/cyb3rops/status/794809535257047040 https://t.co/1hybtQvX3N http://www.hexacorn.com/blog/2016/11/05/office-macros-file-extensions-file-format-content-and-a-few-handling-stereotypes/ https://twitter.com/cyb3rops/status/794661628881108992 https://twitter.com/cyb3rops/status/794657912463491072 https://t.co/F2AbvTA6Me https://t.co/76h9kT5S8v https://mstarke.github.io/MacPass/ http://flattr.com/thing/1550529/mstarkeMacPass-on-GitHub https://twitter.com/cyb3rops/status/794632653261701120 https://twitter.com/cyb3rops/status/794587226088833024 https://t.co/6p7dW1KWCk 
https://securityintelligence.com/how-to-add-user-defined-aql-functions-in-qradar/ https://twitter.com/cyb3rops/status/794586044687650818 https://t.co/rwcGsf3mov https://www.helpnetsecurity.com/2016/11/04/microsoft-extends-emet-support/ https://twitter.com/cyb3rops/status/794466860750241792 https://t.co/EXQ76mKjRz https://adsecurity.org/?p=3377 https://twitter.com/cyb3rops/status/794459074066874368 https://twitter.com/cyb3rops/status/794439124950335488 https://t.co/9mXhOFoeTP http://www.zerohedge.com/news/2016-11-03/julian-assange-ends-suspense-source-hacked-emails-not-russia https://twitter.com/cyb3rops/status/794309812695814146 https://t.co/79f7YQpiT5 https://github.com/rough007/CDQR https://twitter.com/cyb3rops/status/794306582821687296 https://t.co/1RZSt21JjI https://www.wired.com/2016/11/block-ultrasonic-signals-didnt-know-tracking/ https://twitter.com/cyb3rops/status/794290910259531780 https://t.co/n7YQrTFHOs https://theintercept.com/2016/10/31/fbis-go-hackers/ https://twitter.com/cyb3rops/status/794256910685970432 https://t.co/ekwXliP8Qx http://blog.talosintel.com/2016/11/rig-exploit-kit-campaign-happy-puzzling.html https://twitter.com/cyb3rops/status/794125654686126080 https://t.co/jg61yhHKYq http://www.welivesecurity.com/post_paper/en-route-with-sednit-part-3-a-mysterious-downloader/ https://twitter.com/cyb3rops/status/793907902855675904 https://t.co/hIyJio2EUS https://github.com/joelpx/plasma https://twitter.com/cyb3rops/status/793833345792761857 https://t.co/jnp10jIlyV http://canarytokens.org/generate https://twitter.com/cyb3rops/status/793831590677901312 https://t.co/kiWYkznQB0 https://t.co/QwZBAzhOMP https://github.com/keithjjones/visualize_logs https://keithjjones.github.io/visualize_logs.github.io/ https://twitter.com/cyb3rops/status/793818566508310529 https://t.co/HorxfQIKxw https://github.com/keithjjones/hostintel https://twitter.com/cyb3rops/status/793757888506310656 https://t.co/IVX8siNz0m http://etckeeper.branchable.com/ 
https://twitter.com/cyb3rops/status/793710594381778944 https://t.co/KOLIKUvbeM http://blog.erratasec.com/2016/11/debunking-trumps-secret-server.html?m=1 https://twitter.com/cyb3rops/status/793708192849092608 https://t.co/qG5zxuiDFy https://t.co/0jo45QLRY2 https://www.arbornetworks.com/blog/asert/flying-dragon-eye-uyghur-themed-threat-activity/ https://www.arbornetworks.com/blog/asert/wp-content/uploads/2016/09/FlyingDragonEye_IOC.csv https://twitter.com/cyb3rops/status/793589797495435265 https://t.co/vSLE3ZaBLv https://suricata-ids.org/2016/11/01/suricata-3-1-3-released/ https://twitter.com/cyb3rops/status/793589444121165824 https://t.co/4PqRU2695w http://www.harmj0y.net/blog/powershell/kerberoasting-without-mimikatz/ https://twitter.com/cyb3rops/status/793589294283751425 https://t.co/zn4IzXfLGM https://blog.torproject.org/blog/announcing-tor-browser-user-manual https://twitter.com/cyb3rops/status/793581608595054593 https://t.co/ORouRdZKQE https://t.co/PwrwQbGoJV https://cse.google.com/cse/publicurl?cx=003248445720253387346:turlh5vi4xc https://docs.google.com/spreadsheets/d/1oWM2wtabiPuR4asNDUv_wkmcnMdj6hffo6ekfO8mPKA https://twitter.com/cyb3rops/status/793419350086651904 https://t.co/r79EHj6IyL https://blog.rootshell.be/2016/11/01/debriefing-brucon-network/ https://twitter.com/cyb3rops/status/793364332281200640 https://t.co/HhlVdsnkie https://github.com/IronCoreLabs/ironssh https://twitter.com/cyb3rops/status/793356136439242752 https://t.co/rrnjUoDYTM http://ohmyz.sh/ https://twitter.com/cyb3rops/status/793222145266573312 https://t.co/aly9UhCQa6 http://blog.fortinet.com/2016/10/31/the-first-major-update-of-cerber-4-ransomware-has-surfaced https://twitter.com/cyb3rops/status/793148322022326276 https://t.co/v3sEagshOj http://blog.fortinet.com/2016/10/31/microsoft-kernel-integer-overflow-vulnerability https://twitter.com/cyb3rops/status/793147937949908992 https://t.co/ZALJFBJBSF 
http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2016-3298-microsoft-fixes-another-ie-zero-day-used-in-adgholas/ https://twitter.com/cyb3rops/status/793133894031867904 https://t.co/Xqc4MBKcX4 https://twitter.com/crowdshield/status/793133388798398464 https://twitter.com/cyb3rops/status/793133571854725120 https://t.co/q6GOnJLv7W https://t.co/Ez7J98e1Yw https://gitlab.com/rhab/PyOTRS/ https://pyotrs.readthedocs.io/en/latest/readme.html https://twitter.com/cyb3rops/status/793066297642844160 https://t.co/GRbrGZGiBX http://blog.trendmicro.com/trendlabs-security-intelligence/ios-masque-attack-spoof-apps-bypass-privacy-protection/ https://twitter.com/cyb3rops/status/792976931696287744 https://t.co/zvkGHODGYe http://blog.jpcert.or.jp/2016/10/verification-of-ad9d.html https://twitter.com/cyb3rops/status/792703059294027776 https://t.co/pmw1l2JINP http://www.swiftforensics.com/2016/10/wofcompressed-streams-in-windows-10.html https://twitter.com/cyb3rops/status/792516324736045056 https://t.co/XSZlG9BmSO https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml https://twitter.com/cyb3rops/status/792512921062572032 https://t.co/UvB2hIl8n1 https://t.co/vdtrlEbAgQ http://cans2016.di.unimi.it/program https://ianix.com/pub/curve25519-deployment.html https://twitter.com/cyb3rops/status/792510803895316480 https://t.co/0zDkvCWrqu https://t.co/sn6gTNpaux https://t.co/NqSn1RFKyZ https://t.co/NU7IxGeUi4 https://virusscan.jotti.org/ https://www.metadefender.com/#!/scan-file http://VirSCAN.org http://www.virscan.org/ https://twitter.com/cyb3rops/status/792309818937802753 https://t.co/GgsosxA96g https://github.com/anmoljagetia/Flatabulous/blob/master/README.md https://twitter.com/cyb3rops/status/792307713090973696 https://t.co/wFVJaRHOj1 https://t.co/QxVMlseBQc https://fastnetmon.com/ https://github.com/pavel-odintsov/fastnetmon https://twitter.com/cyb3rops/status/792305267157372928 https://t.co/ORouRdZKQE https://t.co/yggvpAy9ce 
https://cse.google.com/cse/publicurl?cx=003248445720253387346:turlh5vi4xc https://gist.github.com/Neo23x0/c4f40629342769ad0a8f3980942e21d3 https://twitter.com/cyb3rops/status/791923809435553792 https://t.co/MqqsUOISmA https://github.com/google/timesketch https://twitter.com/cyb3rops/status/791707113349324801 https://t.co/5xEVkOj4DK https://securityintelligence.com/new-security-enhancements-microsoft-windows-server-2016/ https://twitter.com/cyb3rops/status/791573571659268096 https://twitter.com/cyb3rops/status/791571775209472000 https://t.co/OfqxAIizoe https://www.spamhaus.org/statistics/tlds/ https://twitter.com/cyb3rops/status/791534694827524097 https://t.co/0IxcpCxtox https://blogs.technet.microsoft.com/mmpc/2016/10/26/office-2013-can-now-block-macros-to-help-prevent-infection/ https://twitter.com/cyb3rops/status/791533872454443008 https://t.co/Ic4vS6ASYJ http://payload-security.blogspot.com/2016/10/on-dridex-and-new-zero-day-distribution.html https://twitter.com/cyb3rops/status/791393476332191748 https://t.co/Gs5j3jU2MS https://sandbox.anlyz.io https://twitter.com/cyb3rops/status/791179045241225216 https://twitter.com/cyb3rops/status/791031717712756736 https://t.co/RKnLoWZvCG https://github.com/veino/logfan/ https://twitter.com/cyb3rops/status/791013649309655040 https://t.co/mPiJGzEm0X https://nakedsecurity.sophos.com/2016/10/25/apple-ios-users-taste-android-anxiety-with-nasty-coregraphics-image-flaw/amp/ https://twitter.com/cyb3rops/status/791012763942391808 https://t.co/hXOUXDVUkA https://nakedsecurity.sophos.com/2016/10/25/dirtycow-linux-hole-works-on-android-too-root-at-will/amp/ https://twitter.com/cyb3rops/status/791012644429889536 https://t.co/5shQJ1zyNN http://blogs.cisco.com/security/talos/libtiff-code-execution https://twitter.com/cyb3rops/status/791012281052172288 https://t.co/P28qFNi5mO https://github.com/timwr/CVE-2016-5195 https://twitter.com/cyb3rops/status/790923981528457220 https://t.co/oJqess0mCD 
http://www.slideshare.net/JohnLaycock1/yet-another-yara-allocution-yaya https://twitter.com/cyb3rops/status/790916592393711616 https://twitter.com/cyb3rops/status/790564017483964417 https://t.co/1aZ0VBjapc https://github.com/Neo23x0/signature-base/blob/master/yara/gen_dirtycow.yar https://twitter.com/cyb3rops/status/790508554088280064 https://t.co/OwfS5alkMx http://arstechnica.com/security/2016/10/using-rowhammer-bitflips-to-root-android-phones-is-now-a-thing/ https://twitter.com/cyb3rops/status/790460423833264128 https://twitter.com/cyb3rops/status/790317581504610304 https://twitter.com/cyb3rops/status/790307559680901122 https://t.co/gHSzsYnXJd https://gist.github.com/Neo23x0/e800b698dd8739c957144722dc5195c8 https://twitter.com/cyb3rops/status/790170582503546880 https://t.co/0J61KlhxQ5 https://github.com/SafeBreach-Labs/pwndsh/ https://twitter.com/cyb3rops/status/790077552735948800 https://t.co/ZYEBF5WlZ5 http://hub.dyn.com/static/hub.dyn.com/dyn-blog/dyn-statement-on-10-21-2016-ddos-attack.html https://twitter.com/cyb3rops/status/789879840195252224 https://t.co/1aZ0VB1z0C https://t.co/gEK3ctm4OQ https://github.com/Neo23x0/signature-base/blob/master/yara/gen_dirtycow.yar http://pastebin.com/T9hCuzN4 https://twitter.com/cyb3rops/status/789745345064468480 https://t.co/xFrqawIMbf http://blog.erratasec.com/2016/10/yes-we-can-validate-wikileaks-emails.html https://twitter.com/cyb3rops/status/789491108078321664 https://t.co/Erk2DA8t37 https://adsecurity.org/?p=3299 https://twitter.com/cyb3rops/status/789388143447384064 https://t.co/ZXEievcHaJ https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161019-asa-idfw https://twitter.com/cyb3rops/status/789362123239518209 https://t.co/LB6byIYIeg http://dirtycow.ninja/ https://twitter.com/cyb3rops/status/789357850657189888 https://twitter.com/cyb3rops/status/789354904712318976 https://t.co/Rrs9nncEBH https://github.com/michenriksen/birdwatcher https://twitter.com/cyb3rops/status/789221820545298432 
https://t.co/ifs1al6dnn http://forensicmethods.com/memory-forensics-cheat-sheet https://twitter.com/cyb3rops/status/789214367514501125 https://t.co/cwFcb3VIxk http://arstechnica.com/security/2016/10/most-serious-linux-privilege-escalation-bug-ever-is-under-active-exploit/ https://twitter.com/cyb3rops/status/789141088657346560 https://t.co/5t9AIysZgU https://github.com/khamidou/lptrace https://twitter.com/cyb3rops/status/789111812390260736 https://t.co/G16ErpziGy https://t.co/VCDZKBebk5 http://www.welivesecurity.com/2016/10/20/new-eset-research-paper-puts-sednit-under-the-microscope/ https://github.com/eset/malware-ioc/ https://twitter.com/cyb3rops/status/789064682774618112 https://t.co/LVvxvWzW4r https://securelist.com/blog/research/76396/windows-zero-day-exploit-used-in-targeted-attacks-by-fruityarmor-apt/ https://twitter.com/cyb3rops/status/789013986708717570 https://t.co/rXHLOsrfhk http://tech.firstpost.com/news-analysis/no-loss-to-customers-from-the-recent-cyber-attack-says-axis-bank-342358.html https://twitter.com/cyb3rops/status/788999707779600384 https://t.co/90tanjSN2O https://www.threatconnect.com/blog/threatconnect-discovers-chinese-apt-activity-in-europe/ https://twitter.com/cyb3rops/status/788836552667459584 https://t.co/0Yu5IQqIAZ http://blog.talosintel.com/2016/10/mbrfilter.html?utm_source=twitterfeed&utm_medium=twitter&utm_campaign=Feed%3A+feedburner%2FTalos+%28Talos+Blog%29 https://twitter.com/cyb3rops/status/788789881946382336 https://t.co/00cOe5cgLR https://t.co/6ylSKaVwxF http://OSTIF.org https://ostif.org/the-veracrypt-audit-results/ https://twitter.com/cyb3rops/status/788711668188667904 https://t.co/emf02rptoT http://arstechnica.com/security/2016/10/flaw-in-intel-chips-could-make-malware-attacks-more-potent/ https://twitter.com/cyb3rops/status/788710646833700864 https://t.co/a9JJvQwL1c https://www.youtube.com/watch?v=MdulbF0bQQ8 https://twitter.com/cyb3rops/status/788632896370278400 https://t.co/pBNpUzQJgj 
http://seclist.us/exploit_generator-automated-exploit-generation-with-windbg.html https://twitter.com/cyb3rops/status/788632011556651008 https://t.co/YCMB4ANV7x https://isc.sans.edu/diary/Spam%2BDelivered%2Bvia%2B.ICS%2BFiles/21611 https://twitter.com/cyb3rops/status/788631651018502144 https://t.co/VcqhaB9RTZ https://www.helpnetsecurity.com/2016/10/19/gpg-keys-syncing-tool/ https://twitter.com/cyb3rops/status/788514060593692674 https://t.co/5Cq1qnrkbZ http://researchcenter.paloaltonetworks.com/2016/10/unit42-dealerschoice-sofacys-flash-player-exploit-platform/ https://twitter.com/cyb3rops/status/788508066287411200 https://t.co/UagnyMwpH0 https://blog.cylance.com/digitally-signed-malware-targeting-gaming-companies https://twitter.com/cyb3rops/status/787967405398065152 https://t.co/o7wJhchox5 https://techanarchy.net/2016/10/extracting-lastpass-site-credentials-from-memory/ https://twitter.com/cyb3rops/status/787967082797338624 https://t.co/wXUJyEH67V http://seclist.us/commix-v1-4-automatic-all-in-one-os-command-injection-and-exploitation-tool.html https://twitter.com/cyb3rops/status/787740439608721408 https://t.co/aXZBEYfzef http://www.kahusecurity.com/2016/deobfuscating-a-malicious-php-downloader/ https://twitter.com/cyb3rops/status/787739967082618881 https://t.co/OHn5ytcBo1 http://seclist.us/owasp-vbscan-v0-1-7-is-a-black-box-vbulletin-vulnerability-scanner.html https://twitter.com/cyb3rops/status/787729099414470656 https://t.co/CVJqKByumn https://github.com/arthepsy/ssh-audit https://twitter.com/cyb3rops/status/787709746258255874 https://t.co/ErBoAtB5JR https://github.com/infosecguerrilla/WindowsMalwareSourceCode https://twitter.com/cyb3rops/status/787398468432175104 https://t.co/BlpBlMilGl http://www.threatgeek.com/2016/10/trickbot-the-dyre-connection.html https://twitter.com/cyb3rops/status/787323617189228544 https://t.co/V3kibcl5N3 https://github.com/ilpianista/arch-audit/ https://twitter.com/cyb3rops/status/787305723172642818 https://t.co/kztECf07CZ 
https://github.com/malicialab/avclass/blob/master/README.md https://twitter.com/cyb3rops/status/787302712534769664 https://t.co/X0Q4iJOUms https://github.com/infosecguerrilla/LinuxMalwareSourceCode https://twitter.com/cyb3rops/status/787301738898268160 https://t.co/kMBEbDDXGb https://github.com/droidefense/engine https://twitter.com/cyb3rops/status/787206356973543424 https://t.co/dxgFfF33bx https://krakenrider.blogspot.de/ https://twitter.com/cyb3rops/status/787203919894151168 https://t.co/5CTBTX9bK3 https://t.co/9hJ8iJCgzN http://www.micheloosterhof.com/cowrie/ https://github.com/micheloosterhof/cowrie https://twitter.com/cyb3rops/status/787057552383152128 https://t.co/OXypHCcCGP http://www.binarytides.com/linux-commands-monitor-network/ https://twitter.com/cyb3rops/status/787026202406125568 https://t.co/kak56OgcjC https://github.com/xujun10110/dymerge https://twitter.com/cyb3rops/status/786977942345814017 https://t.co/x5Zhllqc0T https://blog.didierstevens.com/2016/10/14/analyzing-office-maldocs-with-decoder-xls/amp/ https://twitter.com/cyb3rops/status/786977816919302144 https://t.co/1cZSfieIFS https://blog.gdatasoftware.com/2016/10/29245-meet-the-latest-member-of-the-locky-family-odin https://twitter.com/cyb3rops/status/786812918952185856 https://t.co/8KWaRhiw6B https://github.com/Screetsec/Dracnmap https://twitter.com/cyb3rops/status/786474594530168832 https://t.co/1wrfrO0q1x https://t.co/PHFNulqleW https://github.com/Neo23x0/signature-base/blob/master/yara/apt_oilrig.yar http://researchcenter.paloaltonetworks.com/2016/10/unit42-oilrig-malware-campaign-updates-toolset-and-expands-targets/ https://twitter.com/cyb3rops/status/786163172927533056 https://t.co/PHFNulqleW http://researchcenter.paloaltonetworks.com/2016/10/unit42-oilrig-malware-campaign-updates-toolset-and-expands-targets/ https://twitter.com/cyb3rops/status/786104415816183809 https://t.co/i5lk0kdm9a http://seclist.us/theharvester-v-2-7-e-mail-subdomain-and-people-names-harvester.html 
https://twitter.com/cyb3rops/status/785883513438502912 https://t.co/UW789YQ2UM https://github.com/ztgrace/changeme https://twitter.com/cyb3rops/status/785732000514727937 https://t.co/T2hVy7g6iA https://github.com/t0x0-nz/ph0neutria https://twitter.com/cyb3rops/status/785491324476719105 https://t.co/mPwK1oqq5B https://room362.com/post/2016/snagging-creds-from-locked-machines/ https://twitter.com/cyb3rops/status/785397060686282753 https://twitter.com/cyb3rops/status/785393807361765377 https://twitter.com/cyb3rops/status/785389643772600324 https://t.co/Z7fgHHTrgR https://twitter.com/gN3mes1s/status/784705543655059456 https://twitter.com/cyb3rops/status/785385709666525185 https://t.co/BqcPzPCzO2 https://support.microsoft.com/en-us/kb/2389418 https://twitter.com/cyb3rops/status/785375570863460352 https://t.co/uKzso3He5A http://c0d3xpl0it.blogspot.de/2016/10/dumping-ntdsdit-file-from-active-directory.html https://twitter.com/cyb3rops/status/785372037992812544 https://t.co/pa4E1JKWwp http://seclist.us/needle-v0-0-4-the-ios-security-testing-framework.html https://twitter.com/cyb3rops/status/785057372351893504 https://t.co/OdzIoB4voG http://chromium.woolyss.com/ https://twitter.com/cyb3rops/status/785053954845663232 https://t.co/rSTmITgUjM https://t.co/dxgFfF33bx https://t.co/iyQRnhIDU8 https://www.cecpq1.com/ https://krakenrider.blogspot.de/ https://twitter.com/mjos_crypto/status/785011455603204096 https://twitter.com/cyb3rops/status/784877939976499200 https://t.co/v5LBCL5nl9 https://github.com/Sucuri/sucuri-wordpress-plugin https://twitter.com/cyb3rops/status/784875331832479745 https://t.co/opawz83T3C http://www.kahusecurity.com/2016/javascript-leads-to-browser-hijacking/ https://twitter.com/cyb3rops/status/784743098517708800 https://t.co/2yVW0xOqug http://suso.suso.org/docs/infosheets/HTTP_status_codes.gif https://twitter.com/cyb3rops/status/784651797176680448 https://t.co/CAMunW2ByT https://github.com/sanvil/vsaudit https://twitter.com/cyb3rops/status/784650762651656192 
https://t.co/ROnCAqzaMA https://github.com/CylanceSPEAR/mitmcanary https://twitter.com/cyb3rops/status/784520471924633600 https://t.co/QUcG6xNWt6 https://github.com/Neo23x0/Loki/tree/master/tools https://twitter.com/cyb3rops/status/784427293473136640 https://t.co/prTfysqIoz https://www.intego.com/mac-security-blog/macos-sierra-security-and-privacy-features-overview/ https://twitter.com/cyb3rops/status/784423117288574976 https://twitter.com/cyb3rops/status/784419506001158144 https://t.co/ydvcuaMERz https://github.com/Genetic-Malware/Ebowla https://twitter.com/cyb3rops/status/784388963469500416 https://twitter.com/cyb3rops/status/784388340451868672 https://t.co/2lfItWzFnJ https://github.com/Neo23x0/signature-base/blob/master/yara/crime_mirai.yar https://twitter.com/cyb3rops/status/784366550421733377 https://t.co/1v5XUzo2Ix https://www.schneier.com/blog/archives/2016/10/nsa_contractor_.html https://twitter.com/cyb3rops/status/784366227363954688 https://t.co/fgaTHaFRte http://www.fireeye.com/blog/threat-research/2016/10/increased_use_ofwmi.html https://twitter.com/cyb3rops/status/784302583431114754 https://t.co/hYecfkPmSA http://www.misp-project.org/tools/ https://twitter.com/cyb3rops/status/784279996642635776 https://t.co/XtIa0uDXPr https://t.co/VVqnGnbCMt https://en.wikipedia.org/wiki/Aho%E2%80%93Corasick_algorithm https://github.com/Neo23x0/Loki https://twitter.com/cyb3rops/status/784167084280406016 https://t.co/8UxeTsCrQ4 https://github.com/stealth/harddns https://twitter.com/cyb3rops/status/784034461264609280 https://twitter.com/cyb3rops/status/784023512856031233 https://t.co/rIUfdkkT2y https://github.com/mkorman90/VolatilityBot https://twitter.com/cyb3rops/status/784023037679108096 https://t.co/uNg3gQRcMt https://github.com/joesecurity/pafishmacro https://twitter.com/cyb3rops/status/783981959697600512 https://t.co/SzGrk1uYB8 https://www.threatconnect.com/blog/russia-hacks-bellingcat-mh17-investigation/ https://twitter.com/cyb3rops/status/783948122103963648 
https://t.co/2ydeVTrdX8 http://blog.trendmicro.com/trendlabs-security-intelligence/stampado-ransomware-analysis-led-yara-improvements/ https://twitter.com/cyb3rops/status/783946732128329728 https://t.co/X2QtLeG8x8 https://t.co/Lq7domgNIU http://www.miasm.re/blog/2016/09/03/zeusvm_analysis.html https://github.com/cea-sec/miasm https://twitter.com/cyb3rops/status/783575213913083904 https://t.co/EQJzZE13w1 http://www.syhunt.com/sandcat/ https://twitter.com/cyb3rops/status/783570017220788224 https://t.co/j7ZKcYMQ31 https://www.schneier.com/blog/archives/2016/10/is_whatsapp_hac.html https://twitter.com/cyb3rops/status/783568756224225280 https://t.co/N8Cv5keXtn http://www.harmj0y.net/blog/empire/the-empire-strikes-back/ https://twitter.com/cyb3rops/status/783555323089063936 https://t.co/IPz7fLqoWB http://arstechnica.com/security/2016/10/guccifer-2-0-posts-dccc-docs-says-theyre-from-clinton-foundation/ https://twitter.com/cyb3rops/status/783390058678190081 https://t.co/YeOaBGD89E https://source.android.com/security/bulletin/2016-10-01.html https://twitter.com/cyb3rops/status/783276579153731584 https://t.co/iOprUrrRnz http://www.chinausfocus.com/peace-security/the-great-moderation-china-and-the-us-in-cyberspace https://twitter.com/cyb3rops/status/783195416670134272 https://t.co/N3cf587sJP https://t.co/qumON5peBt https://sourceforge.net/p/rcexploiter/wiki/RC-EXPLOITER%20WIKI/ https://github.com/govolution/betterdefaultpasslist https://twitter.com/cyb3rops/status/783192270417891328 https://t.co/Kc65feUB8R https://github.com/jgamblin/Mirai-Source-Code https://twitter.com/cyb3rops/status/783065042879188992 https://t.co/5i9Kq4E3RK https://github.com/CoolerVoid/raptor_waf https://twitter.com/cyb3rops/status/783040658131025920 https://t.co/ct5oaJ0xUg https://t.co/zsTaG6ItqD https://github.com/deltaxflux/fluxion/wiki/Tutorial https://github.com/deltaxflux/fluxion https://twitter.com/cyb3rops/status/782988411292573696 https://t.co/Ntz4iHPJ08 
https://www.arbornetworks.com/blog/asert/panda-bankers-future-dga/ https://twitter.com/cyb3rops/status/782972611647201280 https://t.co/GMkrsc2F6I https://www.malwaretech.com/2016/10/mapping-mirai-a-botnet-case-study.html https://twitter.com/cyb3rops/status/782847999789658113 https://t.co/ljnBMSLvkZ https://github.com/ncatlin/rgat https://twitter.com/cyb3rops/status/782822468482457600 https://t.co/FBZBkzkNqD http://seclist.us/blackbox-v2-a-penetration-testing-framework.html https://twitter.com/cyb3rops/status/782653756190158848 https://t.co/BaupjE7whS https://github.com/noffle/art-of-readme https://twitter.com/cyb3rops/status/782470570223034369 https://t.co/wDWXawIE0T https://github.com/k4m4/onioff https://twitter.com/cyb3rops/status/782469814707249152 https://t.co/gvu0UdQyRj https://github.com/cornerpirate/ReportCompiler https://twitter.com/cyb3rops/status/782468929432190976 https://t.co/h7O6BriSUe http://seclist.us/sqlmap-v1-0-10-automatic-sql-injection-and-database-takeover-tool.html https://twitter.com/cyb3rops/status/782468153632813056 https://t.co/o2AUiibuQY http://malware.dontneedcoffee.com/2016/10/rig-evolves-neutrino-waves-goodbye.html?m=1 https://twitter.com/cyb3rops/status/782467450394800128 https://t.co/RfvLoOJrCa http://blog.nibblesec.org/2016/10/defending-against-java-deserialization.html https://twitter.com/cyb3rops/status/782339949026836480 https://t.co/ZNuvts1E6e https://krebsonsecurity.com/2016/10/source-code-for-iot-botnet-mirai-released/ https://twitter.com/cyb3rops/status/782321691036946432 https://t.co/fWOJ8bNpWo https://fex.rus.uni-stuttgart.de/ https://twitter.com/cyb3rops/status/782156882580570112 https://twitter.com/cyb3rops/status/782114631041122304 https://t.co/NFYJTazZ7Z http://blog.talosintel.com/2016/09/vulnerability-spotlight-jpeg2000.html https://twitter.com/cyb3rops/status/781921587100540928 https://t.co/Xpiy8X3Y4Z https://blog.malwarebytes.com/cybercrime/2016/09/lesser-known-tricks-of-spoofing-extensions/ 
https://twitter.com/cyb3rops/status/781869828265172992 https://t.co/ajpTiwXdfJ https://blog.malwarebytes.com/cybercrime/2016/09/imitation-ublock-origin-app-spotted-on-chrome-store/ https://twitter.com/cyb3rops/status/781869488337739776 https://t.co/o2fUaRFfz1 https://dawnscanner.org/ https://twitter.com/cyb3rops/status/781844543469711360 https://t.co/XYuf8g6Rvb https://trackography.org/ https://twitter.com/cyb3rops/status/781751915700953088 https://t.co/cWtX9V0WU1 https://blogs.mcafee.com/mcafee-labs/sharing-cybersecurity-threat-intelligence-way-win/ https://twitter.com/cyb3rops/status/781612076368363521 https://t.co/fcaZoFuTRK https://ccdcoe.org/multimedia/national-cyber-security-organisation-china.html https://twitter.com/cyb3rops/status/781611607625433088 https://t.co/JNa6FnM3wv https://nmap.org/changelog.html https://twitter.com/cyb3rops/status/781521776941625344 https://t.co/Pl89YgKUw3 https://www.tracewrangler.com/ https://twitter.com/cyb3rops/status/781489018840244224 https://t.co/KDnCI3VDz1 https://github.com/trailofbits/abstractanalysis https://twitter.com/cyb3rops/status/781157467321401344 https://twitter.com/cyb3rops/status/781014567157653505 https://t.co/f1OsvC9ODi http://arstechnica.com/information-technology/2016/09/microsoft-launches-fuzzing-as-a-service-to-help-developers-find-security-bugs/ https://twitter.com/cyb3rops/status/781014256925962240 https://t.co/wwGXWF4KbI http://blog.fortinet.com/2016/09/27/dissecting-mamba-the-disk-encrypting-ransomware https://twitter.com/cyb3rops/status/781013418186776576 https://t.co/heVPKWsmSf https://blog.didierstevens.com/2016/09/28/decoder-search-py-beta/amp/ https://twitter.com/cyb3rops/status/780779350664876032 https://t.co/tz9mFEJzVa https://github.com/defpoint/threat_note https://twitter.com/cyb3rops/status/780767251150606336 https://twitter.com/cyb3rops/status/780754939207442432 https://twitter.com/cyb3rops/status/780663756581957632 https://t.co/OSXzBa4fIV 
http://researchcenter.paloaltonetworks.com/2016/09/unit42-sofacys-komplex-os-x-trojan/ https://twitter.com/cyb3rops/status/780662527252365312 https://t.co/9928hFfEgM http://www.hexacorn.com/blog/2016/09/26/old-flame-never-dies-a-k-a-decompiling-lua/ https://twitter.com/cyb3rops/status/780474256903835648 https://t.co/xM27cXSnld https://github.com/giMini/PowerMemory https://twitter.com/cyb3rops/status/780444764655259648 https://t.co/KEhbVAOFUu http://www.welivesecurity.com/2016/09/26/usbee-spy-isolated-system-usb/ https://twitter.com/cyb3rops/status/780444129369161733 https://t.co/udWR2NWMnz https://github.com/HynekPetrak/malware-jail https://twitter.com/cyb3rops/status/780443540958613504 https://t.co/iz5Q5eLqrU https://www.insinuator.net/2016/09/diving-into-emet/ https://twitter.com/cyb3rops/status/780375422034972673 https://t.co/VHTrXQruqs http://securityaffairs.co/wordpress/51655/reports/compromised-websites-study.html https://twitter.com/cyb3rops/status/779984365577183232 https://t.co/nQA0OLQpdw https://dripcap.org/ https://twitter.com/cyb3rops/status/779360888042258433 https://t.co/CdojHpo6Fa https://github.com/dradis/dradis-acunetix https://twitter.com/cyb3rops/status/779012787158786048 https://t.co/S8mqj2paf5 http://blog.trendmicro.com/trendlabs-security-intelligence/rar-javascript-ransomware-figures-fluctuations-email-attachments/ https://twitter.com/cyb3rops/status/779010669848961024 https://t.co/CdYnp9HPx6 https://motherboard.vice.com/read/yahoo-supposed-data-breach-200-million-credentials-dark-web https://twitter.com/cyb3rops/status/779009657214042112 https://t.co/s0Be0Pctay http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160922-esa https://twitter.com/cyb3rops/status/778912284785700865 https://t.co/1tSUoIxY9U https://dexter.dexlabs.org/ https://twitter.com/cyb3rops/status/778832502551040001 https://t.co/JJ5eIIWocq https://blog.malwarebytes.com/cybercrime/2016/09/hosts-file-hijacks/amp/ 
https://twitter.com/cyb3rops/status/778695531690283008 https://t.co/5iSzzqtrZk https://www.virustotal.com/en/domain/down.97725.com/information/ https://twitter.com/cyb3rops/status/778685194555432960 https://twitter.com/cyb3rops/status/778684426192494593 https://t.co/bVUGvduN0z https://github.com/Neo23x0/signature-base/blob/master/yara/gen_pirpi.yar https://twitter.com/cyb3rops/status/778682843127947265 https://t.co/Kf2Q1rFlwW https://www.virustotal.com/en/documentation/public-api/#making-comments https://twitter.com/cyb3rops/status/778679917072396288 https://t.co/4ePl8ZiH4q https://t.co/IdqfkdrxCW https://t.co/GBBjPi5v3s http://www.symantec.com/connect/blogs/buckeye-cyberespionage-group-shifts-gaze-us-hong-kong https://www.virustotal.com/en/file/2a5a0bc350e774bd784fc25090518626b65a3ce10c7401f44a1616ea2ae32f4c/analysis/ https://www.virustotal.com/en/file/8caa179ec20b6e3938d17132980e0b9fe8ef753a70052f7e857b339427eb0f78/analysis/ https://twitter.com/cyb3rops/status/778635781841780737 https://t.co/RjfXbqRrX3 http://blog.kiddaland.net/2016/09/what-flies-there-what-fares-there-or.html?m=1&utm_content=buffer3a607&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer https://twitter.com/cyb3rops/status/778537538109706240 https://t.co/IGWAqP6cIb http://www.slideshare.net/harmj0y/trusts-you-might-have-missed-44con https://twitter.com/cyb3rops/status/778480846219116544 https://t.co/Z6BOZgZs67 http://seclist.us/backdoor-apk-v0-1-4-is-a-shell-script-that-simplifies-the-process-of-adding-a-backdoor-to-any-android-apk-file.html https://twitter.com/cyb3rops/status/778158672161697792 https://t.co/Frf8QmjNpL http://sdb.tools https://twitter.com/cyb3rops/status/778125572224512004 https://t.co/7q1JdmQ63F https://github.com/Microsoft/perfview https://twitter.com/cyb3rops/status/778119337718808576 https://t.co/q8Avrbde6m http://blog.cloudflare.com/new-wordpress-plugin/amp/ https://twitter.com/cyb3rops/status/777949200449413120 https://t.co/H0PktFE8jG 
https://github.com/glmcdona/Process-Dump https://twitter.com/cyb3rops/status/777947857663954944 https://t.co/QCF4UwvHyU https://hacked.com/major-press-agencies-suing-fbi-to-know-who-hacked-iphone/ https://twitter.com/cyb3rops/status/777945939826864128 https://t.co/z04ZNKzSeX https://blog.glasswire.com/2016/09/19/how-to-see-if-your-vpn-is-leaking-your-ip-and-stop-it/ https://twitter.com/cyb3rops/status/777945405023776769 https://t.co/tWyHOasJBA https://www.zscaler.com/blogs/research/ispy-keylogger https://twitter.com/cyb3rops/status/777826630869843968 https://t.co/q4IJoSHEZE http://forum.sysinternals.com/handleexe-handle64exe-setthreaderrormode-error_topic32326.html https://twitter.com/cyb3rops/status/777497207616507904 https://t.co/DV0proNOOR https://isc.sans.edu/diary/Multiple%2BCisco%2BProducts%2Baffected%2Bby%2BIKEv1%2BVulnerability/21491 https://twitter.com/cyb3rops/status/777496901327413248 https://t.co/XqOEavYlEV https://github.com/Guzmud/thearchitect https://twitter.com/cyb3rops/status/777496416893755392 https://t.co/WHCapHpkVh https://github.com/mrzool/bash-sensible/blob/master/README.md https://twitter.com/cyb3rops/status/777480443801247744 https://t.co/dlLRBPn0ZK https://www.insinuator.net/2016/09/files-your-webserver-shouldnt-deliver/ https://twitter.com/cyb3rops/status/777465270940164096 https://twitter.com/cyb3rops/status/777114777164378112 https://t.co/fcgdkz1Jy5 https://github.com/dnlongen/Snort-DNS https://twitter.com/cyb3rops/status/777112441721393153 https://t.co/96C3ITUi1J https://blogs.mcafee.com/mcafee-labs/locky-ransomware-hides-inside-packed-dll/ https://twitter.com/cyb3rops/status/777065274117910528 https://t.co/WzHRjK2wKd https://github.com/future-architect/vuls https://twitter.com/cyb3rops/status/776833872248053761 https://twitter.com/cyb3rops/status/776829289425698816 https://twitter.com/cyb3rops/status/776828176878174208 https://t.co/mV3zh2M4SB https://www.bsk-consulting.de/apt-scanner-thor/ 
https://twitter.com/cyb3rops/status/776688776328450048 https://t.co/TLtFfe11iB https://github.com/Neo23x0/signature-base/commit/eca1aacf8c8b4f133c0868315c6bde4773f6aae6 https://twitter.com/cyb3rops/status/776554648001994752 https://t.co/EQbZIEYVxT https://www.theguardian.com/technology/2016/jun/08/belgium-nations-vulnerable-hacking-exposed-servers-rapid7-heat-map-internet https://twitter.com/cyb3rops/status/776497763467063296 https://t.co/qbvQBNJrLT http://arstechnica.com/security/2016/09/alibaba-fires-employees-for-hacking-their-way-to-free-mooncakes/ https://twitter.com/cyb3rops/status/776497251569004544 https://t.co/Y1EqUYaX5T https://blog.rootshell.be/2016/09/15/ip-address-open-source-intelligence-win/ https://twitter.com/cyb3rops/status/776312555778310144 https://twitter.com/cyb3rops/status/776307382607544320 https://t.co/YeVvlWvWdV https://t.co/nbQpgSbGLp http://ASP.NET https://technet.microsoft.com/library/security/3181759 https://twitter.com/cyb3rops/status/776306385927692289 https://t.co/WEaBvRPJ1c http://blog.trendmicro.com/trendlabs-security-intelligence/bksod-by-ransomware-hddcryptor-uses-commercial-tools-to-encrypt-network-shares-and-lock-hdds/ https://twitter.com/cyb3rops/status/776304731048271872 https://t.co/vGYQ5Gq8y7 https://blogs.forcepoint.com/security-labs/locky-distributor-uses-newly-released-quant-loader-sold-russian-underground https://twitter.com/cyb3rops/status/776303275331182592 https://t.co/7oSTp2B8GY http://researchcenter.paloaltonetworks.com/2016/09/mile-tea-cyber-espionage-campaign-targets-asia-pacific-businesses-and-government-agencies/ https://twitter.com/cyb3rops/status/776302662375596032 https://t.co/6DxdANyyYf http://seclist.us/heathen-internet-of-things-pentesting-framework.html https://twitter.com/cyb3rops/status/776299315199348736 https://t.co/bLWKh13VIK http://www.zerohedge.com/news/2016-09-13/how-much-it-costs-get-ambassadorship-guccifer-20-leaks-dnc-pay-play-donor-list https://twitter.com/cyb3rops/status/776157084303974400 
https://t.co/SfBiEN3ZSO http://www.symantec.com/content/en/us/enterprise/media/security_response/docs/Symantec-Buckeye-IOCs.txt https://twitter.com/cyb3rops/status/776058909689835520 https://twitter.com/cyb3rops/status/776058146901135360 https://twitter.com/cyb3rops/status/775986784727666688 https://twitter.com/cyb3rops/status/775970189741551616 https://twitter.com/cyb3rops/status/775967173563080704 https://t.co/nd4mw8gnkW https://t.co/ls2AZPCyhO https://dfir.it/blog/2016/07/06/webshells-every-time-the-same-story-dot-dot-dot-part-3/ https://twitter.com/cyb3rops/status/775385118965895168 https://twitter.com/cyb3rops/status/775955505411784708 https://t.co/4dpR5UH9Z0 https://drive.google.com/file/d/0B2S_IOa0MiOHWndxWFRiUHNoNW8/view?usp=sharing https://twitter.com/cyb3rops/status/775643137607929856 https://t.co/nFqKhicOm6 http://seclist.us/tomcatwardeployer-v0-3-3-apache-tomcat-auto-war-deployment-pwning-penetration-testing-tool.html https://twitter.com/cyb3rops/status/775642707066847232 https://t.co/N92KXpmHts http://seclist.us/east-v1-0-0-rc-exploits-and-security-tools-framework.html https://twitter.com/cyb3rops/status/775430748983754752 https://t.co/hVAoDHtPLH https://github.com/davidmcgrew/joy https://twitter.com/cyb3rops/status/775428327121313792 https://t.co/fOPNB7yFcD https://t.co/Ev9stqWNRd http://PacketLife.net http://packetlife.net/library/cheat-sheets/ https://twitter.com/cyb3rops/status/775388098800848896 https://twitter.com/cyb3rops/status/775385118965895168 https://t.co/5Xop8qBxlF https://github.com/Neo23x0/webshell-intel/tree/master/sigs/filenames https://twitter.com/cyb3rops/status/775271729153318912 https://t.co/AQrJHLGmlA https://github.com/crufter/borg https://twitter.com/cyb3rops/status/775070304536322048 https://t.co/Mo3TB9WiCt https://www.infoarmor.com/govrat-2-0-attacking-us-military-and-government/ https://twitter.com/cyb3rops/status/774994894351896576 https://t.co/L5NnbcVmFG https://www.teleconsole.com/ 
https://twitter.com/cyb3rops/status/774986789178179584 https://t.co/VVqnGnteb3 https://github.com/Neo23x0/Loki https://twitter.com/cyb3rops/status/774921873993891840 https://t.co/H0hU10xBY5 http://krakenrider.blogspot.de/2015/11/a-fail.html https://twitter.com/cyb3rops/status/774737629514522624 https://t.co/js7YqrjWxy http://www.r00tsec.com/2016/01/source-httpramblingcookiemonster.html https://twitter.com/cyb3rops/status/774655920580202496 https://t.co/6Fk3CzXVPo https://t.co/nsZkgTTxLk https://www.bsk-consulting.de/category/yara/ https://gist.github.com/Neo23x0/e3d4e316d7441d9143c7 https://twitter.com/cyb3rops/status/774655521697697792 https://t.co/svHWLLEugq https://mega.nz/#!AVEWXBDb!Tf9o8SS2eJW7r9HNsFc4Lamfh5MWYx6Sb2nE8AbLSuE https://twitter.com/cyb3rops/status/774565041005879296 https://twitter.com/cyb3rops/status/774331639052861440 https://t.co/tCls9lpAda https://github.com/sensepost/det https://twitter.com/cyb3rops/status/774270771942289408 https://t.co/yKC2ZKyaMH https://github.com/GlacierW/MBA/blob/master/README.md https://twitter.com/cyb3rops/status/774266101463130112 https://t.co/FGZKv0w3RJ http://blog.trendmicro.com/trendlabs-security-intelligence/picture-perfect-crylocker-ransomware-sends-user-information-as-png-files/ https://twitter.com/cyb3rops/status/774233430938775552 https://t.co/xb8k15A0TA https://promos.mcafee.com/en-US/PDF/mtmw_report.pdf https://twitter.com/cyb3rops/status/774128588039655424 https://t.co/rFv3wo20Eb http://arstechnica.com/security/2016/09/two-men-charged-with-hacking-cia-director-and-other-high-ranking-officials/ https://twitter.com/cyb3rops/status/773979490032709633 https://t.co/YUhtRkidEB https://blog.malwarebytes.com/security-world/2016/09/google-empowers-website-owners-with-added-security-features/amp/ https://twitter.com/cyb3rops/status/773857949676625920 https://t.co/ElaSWtdPLp https://www.wireshark.org/docs/relnotes/wireshark-2.2.0.html https://twitter.com/cyb3rops/status/773639823080976384 https://t.co/jTMmXf8kjc 
https://gist.github.com/SleuthKid/83cf2d8090620b867c87 https://twitter.com/cyb3rops/status/773626120038191104 https://t.co/X7PJwXYe0K http://carlcheo.com/startcoding https://twitter.com/cyb3rops/status/773623880615337984 https://t.co/iV224SxEJk https://github.com/dahlbyk/posh-git/blob/master/readme.md https://twitter.com/cyb3rops/status/773586432283770880 https://t.co/EurZ1bJfgm https://github.com/ronin-zero/beithar https://twitter.com/cyb3rops/status/773469299767906305 https://t.co/t5Pgbjbxcu https://suricata-ids.org/2016/09/07/suricata-3-1-2-released/ https://twitter.com/cyb3rops/status/773448356945330176 https://t.co/4ePl8ZAit0 http://www.symantec.com/connect/blogs/buckeye-cyberespionage-group-shifts-gaze-us-hong-kong https://twitter.com/cyb3rops/status/773407442768125952 https://t.co/sdR6zMKQKv http://www.harmj0y.net/blog/redteaming/offensive-encrypted-data-storage/ https://twitter.com/cyb3rops/status/773256268429615104 https://t.co/vR7r5hJNyh https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160824-anyconnect https://twitter.com/cyb3rops/status/773039354688208896 https://t.co/88xgpzgJJA http://seclist.us/nfqueue-packet-delay-is-a-libnetfilter_queue-handler-intended-to-mitigate-various-timing-attacks.html https://twitter.com/cyb3rops/status/772904734067949568 https://t.co/iuln9r43dG http://zrusin.blogspot.de/2007/09/git-cheat-sheet.html https://twitter.com/cyb3rops/status/772901763234095104 https://t.co/vOVeg1c0y3 https://t.co/HGJbxIOokA https://www.toptal.com/developers/sorting-algorithms/ http://www.daniel-stein.com/taxonomy/term/164 https://twitter.com/cyb3rops/status/772842072852365312 https://t.co/GnMqLBBrBY https://www.insinuator.net/2016/09/knxmap-a-knxnetip-scanning-and-auditing-tool/ https://twitter.com/cyb3rops/status/772840018989748224 https://t.co/rWzZsyLqRg http://seclist.us/wafninja-is-a-tool-which-contains-two-functions-to-attack-web-application-firewalls.html https://twitter.com/cyb3rops/status/772839130925527040 
https://t.co/4MbxLiWpsG https://github.com/ANSSI-FR/polichombr/blob/master/README.md https://twitter.com/cyb3rops/status/772814875122888704 https://t.co/BkCgS4EAQ8 https://isc.sans.edu/diary/21443 https://twitter.com/cyb3rops/status/772790278663143424 https://t.co/1wDM50S9mh https://twitter.com/fooolix/status/772112307400896512 https://twitter.com/cyb3rops/status/772681720936235008 https://t.co/7TcLXZC7iI http://viper.li/ https://twitter.com/cyb3rops/status/772564141747896320 https://t.co/03neJXjBeP https://secrary.com/SSMA https://twitter.com/cyb3rops/status/772490854992838657 https://t.co/TDx3WbFUGh https://youtu.be/7VgIayOpjEc https://twitter.com/cyb3rops/status/772341709707550720 https://t.co/z625k21nJz https://github.com/sroberts/cacador https://twitter.com/cyb3rops/status/772333717025067008 https://t.co/s1GrPrYkfH http://linoxide.com/linux-command/systemd-vs-sysvinit-cheatsheet/ https://twitter.com/cyb3rops/status/772196929421905921 https://t.co/24JUN9rLWm http://seclist.us/fireaway-is-a-tool-for-auditing-bypassing-and-exfiltrating-data-against-layer-7appid.html https://twitter.com/cyb3rops/status/772072843769249792 https://t.co/prGZUpHYFv https://binaryforay.blogspot.de/2016/09/let-benchmarks-hit-floor-autopsy-vs.html?m=1 https://twitter.com/cyb3rops/status/771592906737983488 https://t.co/K6RXUgQV2h http://blog.fortinet.com/2016/09/01/take-it-easy-and-say-hi-to-this-new-python-ransomware https://twitter.com/cyb3rops/status/771592394730983424 https://t.co/BbyrJ8mZ4k https://community.rapid7.com/community/services/blog/2016/09/01/siems-dont-detect-attacks-advanced-analysis-does https://twitter.com/cyb3rops/status/771591511641251841 https://t.co/MBElLxfp4u http://seclist.us/ridenum-v1-6-is-a-null-session-rid-cycle-attack-for-brute-forcing-domain-controllers.html https://twitter.com/cyb3rops/status/771591292685914112 https://t.co/7qtJQbKFoG http://arstechnica.com/apple/2016/09/new-os-x-security-updates-patch-same-zero-days-as-ios-9-3-5/ 
https://twitter.com/cyb3rops/status/771586457580429312 https://t.co/shrWJAaAs7 https://www.wired.com/2016/07/meet-moxie-marlinspike-anarchist-bringing-encryption-us/ https://twitter.com/cyb3rops/status/771466333422751744 https://twitter.com/cyb3rops/status/771382058966978560 https://t.co/q1hjWrs3e2 http://resources.infosecinstitute.com/code-injection-types-part-2/ https://twitter.com/cyb3rops/status/771380917831081984 https://t.co/qUBkSjWLYX http://blog.talosintel.com/2016/09/shadowgate-takedown.html https://twitter.com/cyb3rops/status/771327620004868096 https://t.co/YqpaBru3ly http://seclist.us/thefatrat-v1-5-codename-unity-backdoor-creator-for-remote-access.html https://twitter.com/cyb3rops/status/771069828681564160 https://t.co/CxRLTzXZXa http://www.threatglass.com/ https://twitter.com/cyb3rops/status/771065988724973569 https://t.co/qe2dNg5Ip9 https://haveibeenpwned.com/ https://twitter.com/cyb3rops/status/770922778233016320 https://t.co/3j45JbkmKC http://community.hpe.com/t5/Security-Research/9002-RAT-a-second-building-on-the-left/ba-p/6894315 https://twitter.com/cyb3rops/status/770921927951130624 https://t.co/ooBxpW61ip http://researchcenter.paloaltonetworks.com/2016/08/unit42-pythons-and-unicorns-and-hancitoroh-my-decoding-binaries-through-emulation/ https://twitter.com/cyb3rops/status/770624022186950657 https://t.co/WBQMmBEsFR http://glogg.bonnefon.org/ https://twitter.com/cyb3rops/status/770617722522726400 https://t.co/SAssru1jJ8 https://securelist.com/analysis/publications/75944/the-hunt-for-lurk/ https://twitter.com/cyb3rops/status/770616761062461440 https://t.co/chdA8pWnWg http://www.kitploit.com/2016/08/libenom-make-fast-and-easy-payloads.html https://twitter.com/cyb3rops/status/770503046019309568 https://t.co/CjvTihLhpn https://blogs.technet.microsoft.com/mmpc/2016/08/29/double-click-me-not-malicious-proxy-settings-in-ole-embedded-script/ https://twitter.com/cyb3rops/status/770502056264294400 https://t.co/lI6APMKNU5 
http://blog.jpcert.or.jp/2016/08/appcontainers-p-d296.html https://twitter.com/cyb3rops/status/770351951146090496 https://t.co/K2F4pjBeCs https://blog.malwarebytes.com/cybercrime/exploits/2016/08/browser-based-fingerprinting-implications-and-mitigations/amp/ https://twitter.com/cyb3rops/status/770262089877323776 https://t.co/WmxdHXMoze http://blog.trendmicro.com/trendlabs-security-intelligence/locky-ransomware-now-downloaded-encrypted-dlls/ https://twitter.com/cyb3rops/status/769985542524178432 https://t.co/4uEQ3YtIYc https://github.com/mozilla/http-observatory/blob/master/README.md https://twitter.com/cyb3rops/status/769984380328607744 https://t.co/KCSdtppvjC http://seclist.us/pei-stage-backdoor-for-uefi-compatible-firmware.html https://twitter.com/cyb3rops/status/769640260489871360 https://t.co/6ESDm906Qe https://n0where.net/ssh-server-auditing-ssh-audit/ https://twitter.com/cyb3rops/status/769544379505795072 https://t.co/ClyJyk5Adc https://twitter.com/threatpost/status/768924836215287808 https://twitter.com/cyb3rops/status/769543264533876736 https://twitter.com/cyb3rops/status/769424041551749120 https://t.co/Wx5izOy24e https://github.com/P0cL4bs/hanzoInjection https://twitter.com/cyb3rops/status/769422847819350016 https://t.co/6G3L0a9uCr https://blogs.mcafee.com/mcafee-labs/tips-securing-ssl-renegotiation/ https://twitter.com/cyb3rops/status/769422399934693376 https://t.co/oAdgDO2pqG http://www.fireeye.com/blog/threat-research/2016/08/ripper_atm_malwarea.html https://twitter.com/cyb3rops/status/769301394121691136 https://t.co/yZMoWAzzrD https://www.virusbulletin.com/virusbulletin/2012/04/quick-reference-manual-unpacking https://twitter.com/cyb3rops/status/769265117590646784 https://t.co/IVNSLrhkxz http://resources.infosecinstitute.com/petya-ransomware-analysis-part-ii/ https://twitter.com/cyb3rops/status/769264671929106432 https://t.co/8nO1bTkwZc http://blog.gdssecurity.com/labs/2016/8/26/slaying-rogue-access-points-with-python-and-cheap-hardware.html 
https://twitter.com/cyb3rops/status/769171913637818369 https://t.co/DcbOCcW4ev http://blog.checkpoint.com/2016/08/26/web-scripting-language-php-7-vulnerable-to-remote-exploits/ https://twitter.com/cyb3rops/status/769076913289699328 https://t.co/igHCY7pOaB https://blog.silentsignal.eu/2016/08/25/bake-your-own-extrabacon/ https://twitter.com/cyb3rops/status/769076572544503809 https://t.co/jTK05k9Mhc https://blogs.mcafee.com/mcafee-labs/malware-hides-in-installer-to-avoid-detection/ https://twitter.com/cyb3rops/status/769075667350749184 https://t.co/lTu0o8rYLL https://github.com/the-useless-one/pywerview https://twitter.com/cyb3rops/status/769060296308690945 https://t.co/7XntqsAqLV https://citizenlab.org/2016/08/million-dollar-dissident-iphone-zero-day-nso-group-uae/ https://twitter.com/cyb3rops/status/768857498736615424 https://t.co/jfW7XqaVJM https://www.crowdstrike.com/blog/crowdstrike-machine-learning-virustotal/ https://twitter.com/cyb3rops/status/768856891904720896 https://t.co/FQYzigAAK5 https://n0where.net/https-best-practices-pshtt/ https://twitter.com/cyb3rops/status/768503920868155392 https://t.co/thiWczgRWu https://www.helpnetsecurity.com/2016/08/24/extrabacon-newer-cisco-asa/ https://twitter.com/cyb3rops/status/768503748897505280 https://t.co/47fj3ZHf8a http://resources.infosecinstitute.com/privilege-escalation-linux-live-examples/ https://twitter.com/cyb3rops/status/768503411859984384 https://t.co/OnylyJbEml http://blog.hackersonlineclub.com/2016/08/owasp-mth3l3m3nt-framework-penetration.html https://twitter.com/cyb3rops/status/768434661072760832 https://t.co/AhpZixEMgR http://www.zf.com/jobportal/detail_vacancies.do?source=SAP&jobID=51147569&languageID=0&profSectionID=0&countryID=0&submitted=true&locationID=0&lang=de_de&divisionID=0 https://twitter.com/cyb3rops/status/768418103701147648 https://t.co/bZEqCGWcXS https://mega.nz/#!8FdTWKRJ!zZENcdmXUzuZOHE8DaZyt1vPGn9imlj40konW6Nl99o https://twitter.com/cyb3rops/status/768411165080875009 
https://t.co/UNjcl5x3hI https://dnsdumpster.com/ https://twitter.com/cyb3rops/status/768368764354174976 https://twitter.com/cyb3rops/status/768366108541849602 https://t.co/6yXYAYGcpc https://twitter.com/bemitc/status/768102215676522501 https://twitter.com/cyb3rops/status/768162792851603456 https://t.co/8i9j85ctmK https://icsmap.shodan.io/ https://twitter.com/cyb3rops/status/768108399280136192 https://twitter.com/cyb3rops/status/768106002508050434 https://t.co/pDZjuFArPd https://twitter.com/virtualabs/status/767645062993969152 https://twitter.com/cyb3rops/status/767983357036728320 https://t.co/6B1T91mnKs https://www.malwaretech.com/2016/08/no-the-fbi-are-not-sending-bitcoins-to-the-shadowbrokers.html https://twitter.com/cyb3rops/status/767835999481266176 https://t.co/uZzp77cU4q https://t.co/zs63Q8lJmd http://my-netdata.io https://github.com/firehol/netdata/ https://twitter.com/cyb3rops/status/767689129681383424 https://t.co/s6645dz5OD http://seclist.us/mountain_goat-a-poc-off-path-tcp-exploits-global-rate-limit-considered-dangerous.html https://twitter.com/cyb3rops/status/767609859122618368 https://t.co/SAQMPT9X72 https://github.com/shellphish/fuzzer https://twitter.com/cyb3rops/status/767609292627337216 https://t.co/zKzvQBv8zX https://t.co/elbqXxWaBz http://researchcenter.paloaltonetworks.com/2016/08/unit42-vb-dropper-and-shellcode-for-hancitor-reveal-new-techniques-behind-uptick/ http://www.minerva-labs.com/post/new-hancitor-pimp-my-downloader https://twitter.com/cyb3rops/status/767479707025731584 https://t.co/JRwbjAsDD0 https://zealdocs.org/ https://twitter.com/cyb3rops/status/767420790195257344 https://t.co/n2m7p4Rsxv http://seclist.us/l0l-a-exploit-development-kit.html https://twitter.com/cyb3rops/status/767275362455789568 https://t.co/ZOegeEDNeT https://github.com/hellman/xortool https://twitter.com/cyb3rops/status/766922759729451008 https://t.co/3ZCzec8vFv https://github.com/hashcat/kwprocessor https://twitter.com/cyb3rops/status/766917916528967681 
https://t.co/4NkZzv0K6A http://seclist.us/redismassexploit-script-to-collect-hosts-installed-redis-using-shodan-search-engine-and-exploit-them.html https://twitter.com/cyb3rops/status/766917287765020672 https://t.co/BxcUbSTLlD http://www.darknet.org.uk/2016/08/powerops-powershell-runspace-portable-post-exploitation-tool/ https://twitter.com/cyb3rops/status/766694041593479168 https://t.co/ky74zEh859 https://theintercept.com/2016/08/19/the-nsa-was-hacked-snowden-documents-confirm/ https://twitter.com/cyb3rops/status/766477350980706304 https://t.co/5L1MByHCxB http://blog.erratasec.com/2016/08/eqgrp-tools-are-post-exploitation.html https://twitter.com/cyb3rops/status/766254829601783808 https://t.co/kBgixDJ59i http://www.fireeye.com/blog/threat-research/2016/08/wmi_vs_wmi_monitor.html https://twitter.com/cyb3rops/status/766178666900512768 https://t.co/6o7gaL7TBH http://seclist.us/tpminituacbypass-a-tool-to-bypass-user-account-controluac-on-windows-8-1-x64-windows-10-x64.html https://twitter.com/cyb3rops/status/766158978854293504 https://t.co/9A24XWoBHN https://blog.exodusintel.com/2016/08/09/vxworks-execute-my-packets/ https://twitter.com/cyb3rops/status/765969255624040452 https://twitter.com/cyb3rops/status/765966586129907712 https://t.co/OW2nbbRobY http://www.fireeye.com/blog/threat-research/2016/08/locky_ransomwaredis.html https://twitter.com/cyb3rops/status/765966424481333248 https://t.co/fUWPphhBN9 https://nakedsecurity.sophos.com/2016/08/17/veracrypt-disk-encryption-team-claims-emails-intercepted/amp/ https://twitter.com/cyb3rops/status/765929102570381312 https://t.co/GrQ8B2trUJ https://gallery.technet.microsoft.com/Aorato-Skeleton-Key-24e46b73 https://twitter.com/cyb3rops/status/765869700261748736 https://twitter.com/cyb3rops/status/765841003672723456 https://t.co/KtyGrIj0o7 https://github.com/abdulfatir/ZipBomb https://twitter.com/cyb3rops/status/765676398010916868 https://t.co/6OCCr9ey2y https://securelist.com/blog/incidents/75812/the-equation-giveaway/ 
https://twitter.com/cyb3rops/status/765647524686364672 https://t.co/4xQ8G2mNap https://files.sans.org/summit/Threat_Hunting_Incident_Response_Summit_2016/PDFs/To-Catch-an-APT-YARA-Jay-DiMartino.pdf https://twitter.com/cyb3rops/status/765646122186641412 https://t.co/3xba5JSCYz http://ref.x86asm.net/coder32.html https://twitter.com/cyb3rops/status/765644167049519105 https://t.co/5DSuIj1oQV https://github.com/aaronst/macholibre https://twitter.com/cyb3rops/status/765633290145521664 https://t.co/JxZZDey873 https://github.com/Neo23x0/signature-base/blob/master/yara/apt_eqgrp.yar https://twitter.com/cyb3rops/status/765529289160794112 https://t.co/ET5gluZoiW https://www.helpnetsecurity.com/2016/08/16/crack-https-protection/ https://twitter.com/cyb3rops/status/765441579234500608 https://t.co/ZqdwINT8ce https://blog.malwarebytes.com/threat-analysis/2016/08/shakti-trojan-stealing-documents/amp/ https://twitter.com/cyb3rops/status/765441425274200064 https://t.co/L7Y7Rw7bAa https://adsecurity.org/?p=3164 https://twitter.com/cyb3rops/status/765441165848088576 https://t.co/xNGRf3Q7CQ https://www.helpnetsecurity.com/2016/08/16/mylg-command-line-network-diagnostic-tool/ https://twitter.com/cyb3rops/status/765231861442416640 https://t.co/vqT9lpJbfa https://twitter.com/_delta_zero/status/764544728767528960 https://twitter.com/cyb3rops/status/765228802792386560 https://t.co/BxMUpUonmU http://www.harmj0y.net/blog/powershell/command-and-control-using-active-directory/ https://twitter.com/cyb3rops/status/765156878749933568 https://t.co/gUTtNCh492 https://github.com/theshadowbrokers/EQGRP-AUCTION/blob/master/README.txt https://twitter.com/cyb3rops/status/765075228322070528 https://twitter.com/cyb3rops/status/765063668069457920 https://t.co/PALDXo4xTE http://seclist.us/sec-audit-powershell-script-for-windows-server-compliance-security-configuration-audit.html https://twitter.com/cyb3rops/status/764960441177149444 https://t.co/C2RE8QFmGB 
http://blog.hackersonlineclub.com/2016/08/pompem-exploit-and-vulnerability-finder.html https://twitter.com/cyb3rops/status/764928938942627840 https://t.co/WVkPsah4Ll http://m.imgur.com/GojlBu1 https://twitter.com/cyb3rops/status/764796686581526532 https://t.co/QI7fEBZo2e http://r00ted.com/cheat%20sheet%20reverse%20v5.png https://twitter.com/cyb3rops/status/764743224363782144 https://t.co/1k5CX29qAk https://adsecurity.org/?p=2921 https://twitter.com/cyb3rops/status/764485775027216384 https://t.co/OaaWqPRSWw http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet https://twitter.com/cyb3rops/status/764437712447340544 https://t.co/QCUacrgIMs https://t.co/OppgYSBlmk https://speakerdeck.com/kennysan/411-a-framework-for-managing-security-alerts https://github.com/kiwiz/411 https://twitter.com/cyb3rops/status/764435845902458880 https://t.co/vGHbZHyKvn https://github.com/dyurk/splogTASH https://twitter.com/cyb3rops/status/764376345476534272 https://t.co/nLahIGGqTZ https://rogerdudler.github.io/git-guide/ https://twitter.com/cyb3rops/status/764146868792295424 https://t.co/VOHD9aUraI https://blog.didierstevens.com/2016/08/12/mimikatz-golden-ticket-dcsync/amp/ https://twitter.com/cyb3rops/status/764144400880525312 https://t.co/kbEtQFK3Zu https://nakedsecurity.sophos.com/2016/08/12/exploit-broker-offers-2-5-times-what-apple-offers-for-serious-ios-bugs/amp/ https://twitter.com/cyb3rops/status/764144238447714305 https://t.co/ktpwziBh0U https://www.helpnetsecurity.com/2016/08/12/usbfilter-blocking-threats/ https://twitter.com/cyb3rops/status/764047312410685440 https://t.co/Ydu9MyUN0o https://adsecurity.org/?p=1275 https://twitter.com/cyb3rops/status/763996349427691521 https://t.co/i0H3rtF6Jl http://www.kitploit.com/2016/08/raptor-waf-v02-web-application-firewall.html https://twitter.com/cyb3rops/status/763996085253660672 https://t.co/ZPJkmD20MI https://blog.malwarebytes.com/cybercrime/2016/08/decrypting-chimera-ransomware/ 
https://twitter.com/cyb3rops/status/763679534797512704 https://t.co/rWDyH1ysPD https://twitter.com/brendangregg/status/763503363208060928 https://twitter.com/cyb3rops/status/763665609250996224 https://t.co/nndHDISwhG https://t.co/om3LbErxuu https://www.forcepoint.com/sites/default/files/resources/files/forcepoint-security-labs-monsoon-analysis-report.pdf https://otx.alienvault.com/pulse/57abd06e151d8a0134cbb0bb/ https://twitter.com/cyb3rops/status/763660832429465601 https://t.co/rJhLL3vsXl https://t.co/SEXMBPgv76 https://blog.jetbrains.com/blog/2013/06/11/inside-darcula-look-and-feel-an-interview-with-konstantin-bulenkov/ https://github.com/bulenkov/Darcula https://twitter.com/cyb3rops/status/763643061129936896 https://t.co/V6tIa0EZgE https://www.helpnetsecurity.com/2016/08/11/flockflock-file-access-enforcement-macos/ https://twitter.com/cyb3rops/status/763455302754762753 https://t.co/VxmHpNcAMo http://blog.cobaltstrike.com/2015/09/30/advanced-threat-tactics-course-and-notes/ https://twitter.com/cyb3rops/status/763443220898603008 https://twitter.com/cyb3rops/status/763442116009816064 https://twitter.com/cyb3rops/status/763438271984726016 https://twitter.com/cyb3rops/status/763431801637437440 https://t.co/g9C32WUwia http://blog.talosintel.com/2016/08/ms-pdf-vulnerability.html https://twitter.com/cyb3rops/status/763353282819522560 https://t.co/yntI5UkDHn http://sectoolmarket.com/wivet-score-unified-list.html https://twitter.com/cyb3rops/status/763337020429271040 https://twitter.com/cyb3rops/status/763266411548536832 https://twitter.com/cyb3rops/status/763259340526616577 https://t.co/DNTXYoWKoj http://fdiskyou.github.io/blog/2016/08/09/cracking-orcus-rat/ https://twitter.com/cyb3rops/status/763258364214276096 https://t.co/GCgDfmgRJS http://krebsonsecurity.com/?p=35784 https://twitter.com/cyb3rops/status/763136906741833728 https://t.co/muLcz2s7RO https://www.fireeye.com/blog/threat-research/2016/08/fakenet-ng_next_gen.html 
https://twitter.com/cyb3rops/status/763122357900894209 https://t.co/pS4ACL719z https://cve.circl.lu/cve/CVE-2016-2875 https://twitter.com/cyb3rops/status/763075659367387136 https://t.co/ERC5F6MQsA https://nakedsecurity.sophos.com/2016/08/09/900-million-androids-vulnerable-to-quadrooter-bugs-what-you-need-to-know/amp/ https://twitter.com/cyb3rops/status/763007955264532480 https://t.co/6wkjkNsioa http://holisticinfosec.blogspot.com/2016/08/toolsmith-in-depth-analysis-procfilter.html https://twitter.com/cyb3rops/status/763007093087633412 https://t.co/WKqeEFQopD http://securityblog.gr/3579/owncloud-security-hardening-on-debian/ https://twitter.com/cyb3rops/status/762933357948899329 https://twitter.com/cyb3rops/status/762901202937974784 https://twitter.com/cyb3rops/status/762898077321719808 https://t.co/NrHHHOKPYv http://seclist.us/brosec-v1-1-6-an-interactive-reference-tool-to-help-security-professionals-utilize-useful-payloads-and-commands.html https://twitter.com/cyb3rops/status/762758577002016773 https://t.co/pQrYBCa1fs http://krebsonsecurity.com/2016/08/data-breach-at-oracles-micros-point-of-sale-division/ https://twitter.com/cyb3rops/status/762739665157758977 https://twitter.com/cyb3rops/status/762673684335169537 https://t.co/VVqnGnteb3 https://github.com/Neo23x0/Loki https://twitter.com/cyb3rops/status/762666796176506880 https://t.co/pDrLoMpsaH https://securelist.com/analysis/publications/75533/faq-the-projectsauron-apt/ https://twitter.com/cyb3rops/status/762650764372238336 https://t.co/N2RCranQSH https://www.helpnetsecurity.com/2016/08/08/remote-butler-attack/ https://twitter.com/cyb3rops/status/762534576120008704 https://t.co/MyZAQ5dIhC http://seclist.us/powerops-v1-0beta-powershell-for-offensive-operations.html https://twitter.com/cyb3rops/status/762534377389776897 https://t.co/ODNL4oSWZf http://www.kitploit.com/2016/08/udpack-extensible-generic-udp-packet.html https://twitter.com/cyb3rops/status/762387280724168704 https://t.co/f9H96Gmpew 
https://www.dsinternals.com/en/auditing-active-directory-password-quality/ https://twitter.com/cyb3rops/status/762198259699974144 https://t.co/VTUTN6k3wQ https://github.com/adaptivethreat/Bloodhound/wiki https://twitter.com/cyb3rops/status/761838301498187776 https://t.co/ZCuSJ8Qqfb https://github.com/bez0r/pDNS2 https://twitter.com/cyb3rops/status/761803090731343872 https://t.co/JEWS1iogQH https://github.com/SafeBreach-Labs/pacdoor https://twitter.com/cyb3rops/status/761656552407334912 https://t.co/B41uze2Q1w http://seclist.us/exabgp-v4-0-0-the-bgp-swiss-army-knife-of-networking.html https://twitter.com/cyb3rops/status/761656249905717248 https://t.co/LXvBdYqT4V https://security.googleblog.com/2016/08/guided-in-process-fuzzing-of-chrome.html https://twitter.com/cyb3rops/status/761655564204212225 https://t.co/tYCyono8Cr https://blog.malwarebytes.com/threat-analysis/2016/08/smoke-loader-downloader-with-a-smokescreen-still-alive/ https://twitter.com/cyb3rops/status/761624543836405760 https://t.co/wlh3CzDzLX https://www.schneier.com/blog/archives/2016/08/frequent_passwo.html https://twitter.com/cyb3rops/status/761546146783301633 https://t.co/MLvjADGxqv http://blog.deniable.org/blog/2016/08/04/cracking-hawkeye-keylogger-reborn/ https://twitter.com/cyb3rops/status/761463899262681088 https://t.co/yrrlysLkHB https://adsecurity.org/?p=2987 https://twitter.com/cyb3rops/status/761462090850766848 https://t.co/VM7VOZb1rf http://blog.trendmicro.com/trendlabs-security-intelligence/badwpad-doubtful-legacy-wpad-protocol/ https://twitter.com/cyb3rops/status/761461647898705920 https://t.co/sC4rW1KPSi https://www.trustwave.com/Resources/SpiderLabs-Blog/To-Obfuscate,-or-not-to-Obfuscate/ https://twitter.com/cyb3rops/status/761445191232487428 https://t.co/7bXfObb10N http://theduran.com/nsa-whistleblower-says-dnc-hack-not-done-russia-u-s-intelligence/ https://twitter.com/cyb3rops/status/761248119891910656 https://twitter.com/cyb3rops/status/761226209753636864 
https://twitter.com/cyb3rops/status/761193183028113409 https://twitter.com/cyb3rops/status/761191997931679744 https://t.co/Z8LgUFgj6o https://twitter.com/matthias_kaiser/status/761191063411359744 https://twitter.com/cyb3rops/status/761069097366925313 https://t.co/JQ6Xjs6fSI https://github.com/codexgigassys/codex-backend https://twitter.com/cyb3rops/status/761068982048727040 https://twitter.com/cyb3rops/status/760905042262188032 https://t.co/pye348d6hS http://seclist.us/ssh-audit-is-a-tool-for-ssh-server-auditing.html https://twitter.com/cyb3rops/status/760874860939714560 https://twitter.com/cyb3rops/status/760860183753068544 https://twitter.com/cyb3rops/status/760818868642312192 https://t.co/IoVS85gc1r https://01.org/hyperscan https://twitter.com/cyb3rops/status/760809049780809728 https://t.co/muve0GCFOd https://github.com/VirusTotal/yara/releases https://twitter.com/cyb3rops/status/760780832831397888 https://t.co/YAsrgTc6JH https://github.com/BinaryDefense/artillery https://twitter.com/cyb3rops/status/760544673580679168 https://t.co/L124HQSQQC http://bravenewcoin.com/news/ethereum-hard-fork-results-in-two-surviving-cryptocurrencies-both-are-now-trading/ https://twitter.com/cyb3rops/status/760541635105198080 https://twitter.com/cyb3rops/status/760538549506678784 https://t.co/CdYnp9HPx6 https://motherboard.vice.com/read/yahoo-supposed-data-breach-200-million-credentials-dark-web https://twitter.com/cyb3rops/status/760514810454966273 https://t.co/voshdIIBJv http://blog.cloudflare.com/introducing-the-p0f-bpf-compiler/ https://twitter.com/cyb3rops/status/760512370015870978 https://twitter.com/cyb3rops/status/760508946398535680 https://t.co/l0Kg8QX7tp https://www.helpnetsecurity.com/2016/08/02/sap-cybersecurity-report/ https://twitter.com/cyb3rops/status/760350426340483072 https://t.co/tO1yyRcoEZ http://seclist.us/jsql-injection-v0-75-a-java-tool-for-automatic-database-injection.html https://twitter.com/cyb3rops/status/760344303675793408 https://t.co/tMK40UbvAi 
http://observer.com/2016/08/breaking-chinese-mole-uncovered-inside-the-fbi/ https://twitter.com/cyb3rops/status/760108670378242048 https://t.co/1brmPaIzQ6 https://paw.cloud/ https://twitter.com/cyb3rops/status/760015535438438400 https://twitter.com/cyb3rops/status/760004595968073728 https://twitter.com/cyb3rops/status/760000803243524096 https://t.co/mHHAMLbSEt https://github.com/Neo23x0/signature-base/blob/master/yara/gen_transformed_strings.yar https://twitter.com/cyb3rops/status/759854977321930752 https://t.co/jdX3DDzzSp https://github.com/LionSec/xerosploit https://twitter.com/cyb3rops/status/759843867525050368 https://t.co/cphlW4eLma http://jepsen.io/ https://twitter.com/cyb3rops/status/759266422786777088 https://t.co/ObMwZwcwHR http://seclist.us/ratdecoders-v1-0-python-decoders-for-common-remote-access-trojans.html https://twitter.com/cyb3rops/status/759131250502361088 https://t.co/XQtDNvGOaL https://github.com/godaddy/procfilter/blob/master/README.md https://twitter.com/cyb3rops/status/759064022452932608 https://t.co/uS7MLWJokT https://blog.didierstevens.com/2016/07/29/releasing-rtfdump-py/amp/ https://twitter.com/cyb3rops/status/759063604343795712 https://t.co/qrkjzA3XLI http://seclist.us/thefatrat-backdoor-creator-for-remote-access.html https://twitter.com/cyb3rops/status/759062669290790912 https://t.co/q26aqcVh2p http://www.darknet.org.uk/2016/07/fping-3-multi-target-icmp-ping-tool/ https://twitter.com/cyb3rops/status/759062601347334144 https://t.co/Y5bwavvjhO https://blog.malwarebytes.com/threat-analysis/2016/07/unpacking-yet-another-net-crypter/ https://twitter.com/cyb3rops/status/758986929543143424 https://t.co/18L62fwyhD https://github.com/Neo23x0/Fenrir https://twitter.com/cyb3rops/status/758792700736970756 https://t.co/Yonewy3Y2H http://researchcenter.paloaltonetworks.com/2016/07/unit-42-attack-delivers-9002-trojan-through-google-drive/ https://twitter.com/cyb3rops/status/758705103805243392 https://t.co/X4u8mlg5Qj 
https://technet.microsoft.com/en-us/itpro/windows/keep-secure/credential-guard https://twitter.com/cyb3rops/status/758654000187269120 https://t.co/jK2DfZBOJT https://github.com/rednaga/APKiD https://twitter.com/cyb3rops/status/758395840486633472 https://t.co/GUFo5f4MwN http://www.harmj0y.net/blog/powershell/powershell-rc4/ https://twitter.com/cyb3rops/status/758314935466205184 https://t.co/49ds7Ots9H http://www.fireeye.com/blog/threat-research/2016/07/red_team_tool_roundup.html https://twitter.com/cyb3rops/status/758314611166838784 https://t.co/virBAvq2jA https://www.arbornetworks.com/blog/asert/let-pandas-zeus-zeus-zeus-zeus/ https://twitter.com/cyb3rops/status/758187061010698240 https://t.co/WtM6O0RVU3 http://www.redblue.team/2016/07/audit-logging-configuration-for-linux.html https://twitter.com/cyb3rops/status/758186934955085824 https://t.co/aAP29tGht7 https://blog.malwarebytes.com/threat-analysis/exploits-threat-analysis/2016/07/a-look-into-some-rig-exploit-kit-campaigns/ https://twitter.com/cyb3rops/status/758068783533715457 https://t.co/SnQV35US2A https://github.com/Neo23x0/Loki/blob/master/tools/vt-checker-hosts.py https://twitter.com/cyb3rops/status/757974678115942400 https://t.co/qVH2NgB0ui https://community.rapid7.com/community/services/blog/2016/07/26/capturing-credentials-on-an-internal-network https://twitter.com/cyb3rops/status/757974623329943552 https://t.co/Fru6coZPAg http://blog.portswigger.net/2016/07/introducing-burp-infiltrator.html https://twitter.com/cyb3rops/status/757941166818127872 https://t.co/D5ZQN0WmNg http://seclist.us/droid-hunter-is-an-android-application-vulnerability-analysis-and-android-pentest-tool.html https://twitter.com/cyb3rops/status/757940960659640320 https://t.co/QbtAaUg0Z5 https://isc.sans.edu/diary/Command%2Band%2BControl%2BChannels%2BUsing%2B%22AAAA%22%2BDNS%2BRecords/21301 https://twitter.com/cyb3rops/status/757695774813716480 https://t.co/YmNPcSR8Wi https://www.arbornetworks.com/blog/asert/mad-max-dga/ 
https://twitter.com/cyb3rops/status/757667950476296193 https://twitter.com/cyb3rops/status/757666557577293824 https://twitter.com/cyb3rops/status/757632679772839936 https://twitter.com/cyb3rops/status/757305658513448960 https://twitter.com/cyb3rops/status/757160690977280000 https://t.co/FIkoLE6QBK https://github.com/Neo23x0/Loki/blob/master/tools/vt-checker.py https://twitter.com/cyb3rops/status/757105028826005505 https://t.co/FJVwERd7Fu https://github.com/struct/mms https://twitter.com/cyb3rops/status/757104243031609344 https://t.co/ZRZ5XwDUOq https://blogs.technet.microsoft.com/mmpc/2016/07/23/nemucod/ https://twitter.com/cyb3rops/status/757103772468469760 https://t.co/udjcewRNmk http://seclist.us/owasp-zsc-v1-1-0-st-shellcodeobfuscate-code-generator.html https://twitter.com/cyb3rops/status/757010591454224385 https://twitter.com/cyb3rops/status/756886681131692032 https://twitter.com/cyb3rops/status/756870335073517568 https://t.co/CdNtWDsvRv http://www.darknet.org.uk/2016/07/dnmap-distributed-nmap-framework/ https://twitter.com/cyb3rops/status/756870154315784192 https://t.co/kEDUCKM2C5 https://github.com/wireapp/wire https://twitter.com/cyb3rops/status/756818475335680000 https://t.co/EcAq3MatYJ http://dasmalwerk.eu/ https://twitter.com/cyb3rops/status/756751142118359040 https://t.co/tjBPzswZU1 https://blogs.technet.microsoft.com/mmpc/2016/07/22/kovter-becomes-almost-file-less-creates-a-new-file-type-and-gets-some-new-certificates/?platform=hootsuite https://twitter.com/cyb3rops/status/756425984467959809 https://t.co/868gdUWLLV http://www.forensicfocus.com/News/article/sid=2696/ https://twitter.com/cyb3rops/status/756425882961666048 https://t.co/v5URS7oFnb https://securityintelligence.com/the-onrushing-tsunami-known-as-the-gdpr/ https://twitter.com/cyb3rops/status/756425526730948608 https://t.co/f2JZ03X4YY https://www.blueliv.com/research/inside-tinba-infection-stage2/ https://twitter.com/cyb3rops/status/756375745233088512 https://t.co/CXlDYprofv 
http://seclist.us/routersploit-v2-2-0-router-exploitation-framework.html https://twitter.com/cyb3rops/status/756225147216994304 https://t.co/A1UCg83v1T http://blog.talosintel.com/2016/07/vulnerability-spotlight-openoffice-impress.html https://twitter.com/cyb3rops/status/756203453261766656 https://t.co/v3G19cc0Us https://github.com/billziss-gh/winfsp https://twitter.com/cyb3rops/status/756202390789955584 https://t.co/7UcReEEJ8v http://researchcenter.paloaltonetworks.com/2016/07/unit42-powerware-ransomware-spoofing-locky-malware-family/ https://twitter.com/cyb3rops/status/756201800915619840 https://t.co/8HKHLij82v http://blog.fortinet.com/2016/07/21/a-peek-into-blackmoon-s-sustained-attacks-against-south-korea https://twitter.com/cyb3rops/status/756083603952508928 https://t.co/r0nCFciWcD https://github.com/FallibleInc/security-guide-for-developers https://twitter.com/cyb3rops/status/756082859165835264 https://t.co/iJmWrU5ebY https://securelist.com/blog/research/75476/facebook-malware-the-missing-piece/ https://twitter.com/cyb3rops/status/755851985417490433 https://t.co/GHO1s7m0lP http://blog.talosintel.com/2016/07/vulnerability-spotlight-oracles-outside.html https://twitter.com/cyb3rops/status/755835348597473280 https://t.co/Bm7vZGLHuA https://nakedsecurity.sophos.com/2016/07/20/update-now-macs-and-iphones-have-a-stagefright-style-bug/amp/ https://twitter.com/cyb3rops/status/755787975066279936 https://t.co/QGAzsPxL8C http://www.koreatimes.co.kr/www/news/biz/2016/07/123_209639.html https://twitter.com/cyb3rops/status/755719011288178689 https://t.co/0WqUH1K41u http://blog.talosintel.com/2016/07/apple-image-rce.html https://twitter.com/cyb3rops/status/755714102916476929 https://t.co/59PTeNNzeK https://reaqta.com/2016/07/dridex-tries-sandbox-evasion/ https://twitter.com/cyb3rops/status/755504072921341952 https://twitter.com/cyb3rops/status/755458421206450177 https://t.co/EvrW578v3i http://seclist.us/apt2-an-automated-penetration-testing-toolkit.html 
https://twitter.com/cyb3rops/status/755423297106567169 https://t.co/shjWGbhFhS https://www.recordedfuture.com/web-shell-analysis-part-2/ https://twitter.com/cyb3rops/status/755101271770693632 https://t.co/Y28yrHf4gO http://www.darknet.org.uk/2016/07/dmitry-deepmagic-information-gathering-tool/ https://twitter.com/cyb3rops/status/755094174123393025 https://t.co/nZ6ep9ZZJQ https://blog.malwarebytes.com/threat-analysis/2016/07/third-time-unlucky-improved-petya-is-out/ https://twitter.com/cyb3rops/status/754927213250768896 https://t.co/Ftidm3rIxZ http://seclist.us/wifi-pumpkin-v0-7-8-framework-for-rogue-wi-fi-access-point-attack.html https://twitter.com/cyb3rops/status/754771784013058048 https://t.co/vpS49WJ9x5 https://hyperterm.org https://twitter.com/cyb3rops/status/754632135898722304 https://t.co/3AtjPhtudx https://t.co/PxIGSdtUZu https://github.com/Neo23x0/signature-base/commit/7a68156e2111ee524eae4e715855bd2283d3bbfc https://sentinelone.com/blogs/sfg-furtims-parent/ https://twitter.com/cyb3rops/status/754609278409961472 https://t.co/CefIShLJY0 https://github.com/mgeeky/tomcatWarDeployer https://twitter.com/cyb3rops/status/754562998623170560 https://t.co/n5WFHUDcZ5 https://github.com/gtank/cryptopasta https://twitter.com/cyb3rops/status/754561312743718912 https://t.co/ok6OYVbUMx https://github.com/fgrimme/Matroschka https://twitter.com/cyb3rops/status/754396893057323009 https://t.co/H5sQhCXVQ5 https://github.com/enddo/HatDBG https://twitter.com/cyb3rops/status/754040766629048320 https://t.co/ADhc6bw8OJ https://github.com/woanware/LogViewer https://twitter.com/cyb3rops/status/753976506620272640 https://t.co/B3m1pAPgdE https://www.virusbulletin.com/blog/2016/07/guest-blog-espionage-toolkit-targeting-central-and-eastern-europe-uncovered/ https://twitter.com/cyb3rops/status/753831373400444933 https://t.co/h2G5re1bhd http://www.fireeye.com/blog/threat-research/2016/07/exploit_kits_quickly.html https://twitter.com/cyb3rops/status/753830943358496768 
https://t.co/GN1BOqxgzz https://blogs.technet.microsoft.com/mmpc/2016/07/14/reverse-engineering-dubnium-stage-2-payload-analysis/ https://twitter.com/cyb3rops/status/753830584732884992 https://t.co/4fIvKTAL0M http://seclist.us/avclass-a-tool-for-massive-malware-labeling.html https://twitter.com/cyb3rops/status/753587036167213056 https://t.co/AzkAPpJRgB https://github.com/philhagen/sof-elk/blob/master/VM_README.md https://twitter.com/cyb3rops/status/753472208287232000 https://twitter.com/cyb3rops/status/753469652240592896 https://twitter.com/cyb3rops/status/753469076257796096 https://t.co/R5ilBQCPPC http://arstechnica.com/security/2016/07/20-year-old-windows-bug-lets-printers-install-malware-patch-now/ https://twitter.com/cyb3rops/status/753468875811987456 https://t.co/cSkCJY0gUJ https://blog.malwarebytes.com/cybercrime/2016/07/mac-malware-osx-keydnap-steals-keychain/ https://twitter.com/cyb3rops/status/753468430251126784 https://t.co/M6aQBJhE7F http://seclist.us/powerlurk-malicious-wmi-events-using-powershell.html https://twitter.com/cyb3rops/status/753467873486569472 https://t.co/AWCWzrLZZt https://www.praetorian.com/blog/hashjacking-anyone-can-steal-your-windows-password#When:23:37:00Z https://twitter.com/cyb3rops/status/753303894562861057 https://t.co/RnGuvfgz6S http://www.techinsider.io/nitro-zeus-iran-infrastructure-2016-7 https://twitter.com/cyb3rops/status/753297477927837698 https://t.co/qbkjTZ8Y1F http://icitech.org/know-your-enemies-2-0/ https://twitter.com/cyb3rops/status/753103193668739073 https://t.co/K2PqzJzevU http://www.threatgeek.com/2016/07/tracking-man1-crypter-actor.html https://twitter.com/cyb3rops/status/752964536743911424 https://t.co/FbXFHNJ7wQ https://blogs.mcafee.com/mcafee-labs/patch-now-simple-office-protected-view-bypass-could-have-big-impact/ https://twitter.com/cyb3rops/status/752917276949708800 https://twitter.com/cyb3rops/status/752916797486170112 https://twitter.com/cyb3rops/status/752891289151148032 https://t.co/bi0XZ6SSFz 
https://blog.didierstevens.com/2016/07/12/practice-ntds-dit-file-part-1/amp/ https://twitter.com/cyb3rops/status/752890627298320384 https://t.co/FKEVYLf5Ng http://seclist.us/powerupsql-a-powershell-toolkit-for-attacking-sql-server.html https://twitter.com/cyb3rops/status/752889703821697025 https://twitter.com/cyb3rops/status/752751381174423552 https://t.co/zmWgUTopOF https://t.co/M58eebV3n2 https://t.co/kDz5QQ0T19 https://blogs.technet.microsoft.com/srd/2014/06/05/an-overview-of-kb2871997/ https://blogs.technet.microsoft.com/kfalde/2014/11/01/kb2871997-and-wdigest-part-1/ https://blogs.technet.microsoft.com/kfalde/2014/11/02/kb2871997-and-wdigest-part-2/ https://twitter.com/cyb3rops/status/752614226909335553 https://t.co/4Mbh7QY7pN http://www.harmj0y.net/blog/redteaming/keethief-a-case-study-in-attacking-keepass-part-2/ https://twitter.com/cyb3rops/status/752562506489556993 https://t.co/CnaO60g7OI https://github.com/Neo23x0/signature-base/commit/69f96e201119bc9c18269cb4c17fde1024bb02b9 https://twitter.com/cyb3rops/status/752554204938600452 https://t.co/sx1vEW05RM http://www.talosintelligence.com/reports/TALOS-2016-0087/ https://twitter.com/cyb3rops/status/752551427633971200 https://t.co/AKTJ1aL3Hb http://iplists.firehol.org/ https://twitter.com/cyb3rops/status/752500678099173376 https://t.co/Qxp3BVSlC7 https://imgur.com/gfYw57t https://twitter.com/cyb3rops/status/752489445681688577 https://t.co/yj70AKLdty https://github.com/exp0se/harbinger https://twitter.com/cyb3rops/status/752481555902242817 https://t.co/zPEGjkeNT4 https://learnxinyminutes.com/ https://twitter.com/cyb3rops/status/752479883415216128 https://t.co/xo62tDed6Z https://moxie.org/blog/gpg-and-me/ https://twitter.com/cyb3rops/status/752457603729547265 https://t.co/zGJWPzKQow https://technet.microsoft.com/en-us/library/hh831696(v=ws.11).aspx https://twitter.com/cyb3rops/status/752133083894255616 https://t.co/0S2Qn9DliG http://www.hexacorn.com/blog/2016/07/09/pefix-simple-pe-file-re-aligner/ 
https://twitter.com/cyb3rops/status/752132841220239360 https://t.co/yYhCakaTNf http://seclist.us/project-keyhole-is-a-python-framework-to-automatically-backdoor-binaries-or-source-code.html https://twitter.com/cyb3rops/status/752115783363334144 https://t.co/hMvhAnxJum http://seclist.us/commix-v1-1-automatic-all-in-one-os-command-injection-and-exploitation-tool.html https://twitter.com/cyb3rops/status/751883168643506177 https://t.co/iXKSvtpzVL http://raidersec.blogspot.de/2013/03/introducing-dumpmon-twitter-bot-that.html?m=1 https://twitter.com/cyb3rops/status/751693255457304577 https://t.co/vSf8g9CgRi http://blog.checkpoint.com/2016/07/08/jigsaw-ransomware-decryption/ https://twitter.com/cyb3rops/status/751545870341005312 https://t.co/63JFlpGNj0 http://www.govcert.admin.ch/blog/23/dridex-targeting-swiss-internet-users https://twitter.com/cyb3rops/status/751545673758179332 https://t.co/4mjn6pJWvv https://securityintelligence.com/gootkit-bobbing-and-weaving-to-avoid-prying-eyes/ https://twitter.com/cyb3rops/status/751509593117851648 https://t.co/SBjRNEYmlZ http://www.in.techspot.com/news/security/nsa-classifies-linux-journal-readers-tor-and-tails-linux-users-as-extremists/articleshow/47743699.cms https://twitter.com/cyb3rops/status/751491485938413568 https://t.co/NY3dvUWvuY https://twitter.com/blubbfiction/status/751459074814971906 https://twitter.com/cyb3rops/status/751483736219344898 https://t.co/N27WkxElxu https://securelist.com/blog/research/75328/the-dropping-elephant-actor/ https://twitter.com/cyb3rops/status/751299551609380864 https://t.co/JFfXeYFrz2 https://securelist.com/blog/security-policies/75279/vdi-non-virtual-problems-of-virtual-desktop-security-and-how-to-solve-them-for-real/ https://twitter.com/cyb3rops/status/751107615652995073 https://t.co/woVGVMSlc1 https://www.safer-networking.org/products/filealyzer/ https://twitter.com/cyb3rops/status/751076307090440195 https://t.co/nd4mw8gnkW 
https://dfir.it/blog/2016/07/06/webshells-every-time-the-same-story-dot-dot-dot-part-3/ https://twitter.com/cyb3rops/status/751056986461134848 https://t.co/dwFN58jhIH https://imgur.com/a/OUQUM https://twitter.com/cyb3rops/status/750929983028297728 https://t.co/wyIpJH4gWV https://github.com/putterpanda/mimikittenz https://twitter.com/cyb3rops/status/750926939368620032 https://t.co/YHUP5rgZcs http://seclist.us/tplmap-automatic-server-side-template-injection-detection-and-exploitation-tool.html https://twitter.com/cyb3rops/status/750724971979218944 https://twitter.com/cyb3rops/status/750680484166991872 https://t.co/KLXgn4lAZL http://seclist.us/sublist3r-v1-0-released-fast-subdomains-enumeration-tool-for-penetration-testers.html https://twitter.com/cyb3rops/status/750647459773353984 https://t.co/5Zyzb6N4F7 https://technet.microsoft.com/en-us/library/mt631193.aspx#T0E_BM https://twitter.com/cyb3rops/status/750625509550202880 https://twitter.com/cyb3rops/status/750572789111848966 https://t.co/Pa0Fclk4u6 http://www.darknet.org.uk/2016/07/erts-exploit-reliability-testing-system/ https://twitter.com/cyb3rops/status/750572399746244608 https://t.co/NEXq3c8rTO https://www.us-cert.gov/ncas/alerts/TA16-187A https://twitter.com/cyb3rops/status/750571819300708352 https://t.co/e9sltWpveP https://github.com/Cr4sh/ThinkPwn https://twitter.com/cyb3rops/status/750419843359334400 https://t.co/dVDUzoynmz https://analyst.koodous.com/analysts/Jacob/rulesets https://twitter.com/cyb3rops/status/750404240368082944 https://twitter.com/cyb3rops/status/750348460214321152 https://twitter.com/cyb3rops/status/750016516343627776 https://t.co/cvCHtaNdFo https://n0where.net/open-source-threat-intelligence-collector-ostrica/ https://twitter.com/cyb3rops/status/749572940463833088 https://t.co/apOIgTwJ8L https://www.malwaretech.com/2016/06/how-cerbers-hash-factory-works.html https://twitter.com/cyb3rops/status/749359676765138944 https://t.co/xhKCaQwgOW https://support.lenovo.com/en/solutions/LEN-8324 
https://twitter.com/cyb3rops/status/749298924368891904 https://t.co/FWTKwcRI1h https://github.com/GDSSecurity/Windows-Exploit-Suggester/pull/12 https://twitter.com/cyb3rops/status/749297537169915904 https://t.co/pJYMIcmSPN http://procdot.com/download/videos/prealphafootage12.mp4 https://twitter.com/cyb3rops/status/749292048906346496 https://twitter.com/cyb3rops/status/748924515061760000 https://t.co/OwA3WjqPiv http://seclist.us/thc-ipv6-v3-1dev-git-ipv6-attack-toolkit.html https://twitter.com/cyb3rops/status/748924359838932992 https://t.co/dpk0oExTq2 https://www.insinuator.net/2016/07/jenkins-remoting-rce-ii-the-return-of-the-ysoserial/ https://twitter.com/cyb3rops/status/748924160437551104 https://t.co/F0yCXmOYxR http://googleprojectzero.blogspot.com/2016/07/a-year-of-windows-kernel-font-fuzzing-2.html https://twitter.com/cyb3rops/status/748621086439399424 https://t.co/3gBnneXib7 https://www.recordedfuture.com/web-shell-analysis-part-1/ https://twitter.com/cyb3rops/status/748551389878554625 https://t.co/moWe1DLJTt http://www.harmj0y.net/blog/redteaming/a-case-study-in-attacking-keepass/ https://twitter.com/cyb3rops/status/748407885743403008 https://t.co/SSxZkbSUoq https://t.co/N5zbf70P2x https://www.slideshare.net/mobile/44Con/canape-workshop http://www.contextis.com/services/research/canape/ https://twitter.com/cyb3rops/status/748396738432667649 https://t.co/4MDWdlwsmv https://github.com/hgascon/pulsar https://twitter.com/cyb3rops/status/748256380088369152 https://t.co/pC9dDVAruC http://blogs.cisco.com/security/talos/detecting-dns-data-exfiltration https://twitter.com/cyb3rops/status/748224571569016833 https://t.co/O1vHQ4bVTh https://blog.malwarebytes.com/threat-analysis/2016/06/satana-ransomware/ https://twitter.com/cyb3rops/status/748168756325670912 https://t.co/0BEDr0Ch57 http://seclist.us/payday-v0-5-payload-generator-that-uses-metasploit-and-veil.html https://twitter.com/cyb3rops/status/748049988001861632 https://t.co/9YBoeMbgP1 
https://blogs.mcafee.com/mcafee-labs/efficient-application-testing-burps-cookie-jar/ https://twitter.com/cyb3rops/status/747899893591736320 https://t.co/UFwfUa19UB http://googleprojectzero.blogspot.com/2016/06/how-to-compromise-enterprise-endpoint.html https://twitter.com/cyb3rops/status/747850625166286848 https://twitter.com/cyb3rops/status/747791966230962176 https://t.co/gvedFe76b2 http://www.threatgeek.com/2016/06/xenon-crypter.html https://twitter.com/cyb3rops/status/747790991655059456 https://t.co/x220SrRavr https://www.trustedsec.com/june-2016/new-release-social-engineer-toolkit-set-v7-2-wine-gold/ https://twitter.com/cyb3rops/status/747677397215023104 https://t.co/eYYSTlxKIz https://www.helpnetsecurity.com/2016/06/28/retefe-trojan-mitm-capabilities/ https://twitter.com/cyb3rops/status/747557003191529472 https://t.co/BzGROY561a https://github.com/digitalocean/netbox https://twitter.com/cyb3rops/status/747380776350650368 https://t.co/FXrxo33TMJ https://github.com/gautamkrishnar/socli https://twitter.com/cyb3rops/status/747058561423912960 https://t.co/ISPrrYyhDN https://github.com/blechschmidt/massdns https://twitter.com/cyb3rops/status/747042907052474368 https://t.co/uqpcJBkH0v https://github.com/504ensicsLabs/DAMM https://twitter.com/cyb3rops/status/746953811076452352 https://t.co/AFgw6j70wa https://github.com/guarinogabriel/mac-cli https://twitter.com/cyb3rops/status/746953096924893184 https://t.co/7gcCn1ZDy4 http://seclist.us/autobuf-buffer-overflow-exploit-tool.html https://twitter.com/cyb3rops/status/746953008668360704 https://t.co/3wiFVMx4Rw http://seclist.us/nosqlmap-v0-7-automated-mongo-database-and-nosql-web-application-exploitation-tool.html https://twitter.com/cyb3rops/status/746869579285143552 https://t.co/LVrmNjdymz https://fee.org/articles/obamacare-strikes-out-on-affordability-savings-coverage/ https://twitter.com/cyb3rops/status/746736013163241473 https://t.co/cBPSnvjhcW https://github.com/longld/peda 
https://twitter.com/cyb3rops/status/746581879067901953 https://t.co/p3jKVVcg0t http://phishme.com/rockloader-downloading-new-ransomware-bart/ https://twitter.com/cyb3rops/status/746580723369447424 https://t.co/DQgtiYTjkv https://suricata-ids.org/2016/06/20/suricata-3-1-released/ https://twitter.com/cyb3rops/status/746579884907061248 https://t.co/WEDVrqHniD https://www.trustwave.com/Resources/SpiderLabs-Blog/PoSeidon-Adventures-in-Memory/ https://twitter.com/cyb3rops/status/746579356139532288 https://t.co/m4z142OF6C http://seclist.us/airgeddon-v3-41dev-this-is-a-multi-use-bash-script-for-linux-systems-to-audit-wireless-networks.html https://twitter.com/cyb3rops/status/746288150499164161 https://t.co/PvtOQ3Tp9T http://seclist.us/byteforce-offline-digital-forensics-tool-for-binary-files.html https://twitter.com/cyb3rops/status/746287631131115520 https://t.co/bNpRKUWYDI http://blog.trendmicro.com/trendlabs-security-intelligence/instruction-less-ransomware-mircop-channels-guy-fawkes/ https://twitter.com/cyb3rops/status/746287227366412288 https://t.co/h9zHtrGZNe https://www.proofpoint.com/threat-insight/post/necurs-botnet-returns-with-updated-locky-ransomware-in-tow https://twitter.com/cyb3rops/status/746217479563710464 https://twitter.com/cyb3rops/status/746074123416248321 https://t.co/0KFOO6Dq8X https://community.rapid7.com/community/infosec/blog/2016/06/23/penetration-testing-vs-red-teaming-the-age-old-debate-of-pirates-vs-ninja-continues https://twitter.com/cyb3rops/status/745998153355243520 https://t.co/wYUtoVZV4p http://blog.fortinet.com/2016/06/21/the-curious-case-of-an-unknown-trojan-targeting-german-speaking-users https://twitter.com/cyb3rops/status/745997921741594626 https://t.co/glLMPGyoVa https://community.rapid7.com/community/infosec/blog/2016/06/23/r7-2016-06-remote-code-execution-via-swagger-parameter-injection-cve-2016-5641 https://twitter.com/cyb3rops/status/745997498716659712 https://t.co/HD6RzI40es 
http://www.fireeye.com/blog/threat-research/2016/06/automatically-extracting-obfuscated-strings.html https://twitter.com/cyb3rops/status/745845697212190720 https://t.co/FSJhCdsTcJ http://www.kahusecurity.com/2016/locky-js-and-url-revealer/ https://twitter.com/cyb3rops/status/745746461334331392 https://t.co/J6MDs92cCV http://blog.gdssecurity.com/labs/2016/6/22/rexx-cgi-web-shell.html https://twitter.com/cyb3rops/status/745745815159836672 https://t.co/wiIHMT0F9l http://seclist.us/owasp-zsc-v1-0-9-git-shellcodeobfuscate-code-generator.html https://twitter.com/cyb3rops/status/745640565442756608 https://t.co/mtz1BrZ4Go http://www.threatgeek.com/2016/06/dnc_update.html https://twitter.com/cyb3rops/status/745614134205636608 https://t.co/EmZDjFjLYa https://support.apple.com/en-us/HT206846 https://twitter.com/cyb3rops/status/745611049810956292 https://t.co/lKQX6aKDDY http://blog.airbuscybersecurity.com/post/2016/06/Getting-a-PlugX-builder https://twitter.com/cyb3rops/status/745610276452597760 https://t.co/a3BnS0EGYo http://resources.infosecinstitute.com/understanding-critical-windows-artifacts-and-their-relevance-during-investigation-part-2/ https://twitter.com/cyb3rops/status/745484505209704449 https://t.co/qzhKjJh4Rp http://seclist.us/badusb-2-0-usb-mitm-poc.html https://twitter.com/cyb3rops/status/745483856355024897 https://t.co/dVPeVa9x2D http://www.welivesecurity.com/wp-content/uploads/2016/06/visiting_the_bear_den_recon_2016_calvet_campos_dupuy-1.pdf https://twitter.com/cyb3rops/status/745388776877359104 https://t.co/djsgHVKAAd http://seclist.us/bluto-v1-1-22-dns-recon-brute-forcer-dns-zone-transfers-email-enumeration-user-enumeration.html https://twitter.com/cyb3rops/status/745376974881730561 https://t.co/7n64pjFW0S http://www.bloomberg.com/news/articles/2016-06-21/clinton-foundation-said-to-be-breached-by-russian-hackers https://twitter.com/cyb3rops/status/745352741485182977 https://t.co/CHwiV9Ud7g http://blogs.cisco.com/security/talos/vulnerability-spotlight-pidgin 
https://twitter.com/cyb3rops/status/745278685310259200 https://t.co/M8KwQNXbi8 http://blogs.cisco.com/security/talos/the-poisoned-archives https://twitter.com/cyb3rops/status/745278277800058880 https://t.co/BwEsc7ihwZ http://www.malwaretech.com/2016/06/whats-happening-with-necurs-dridex-and.html https://twitter.com/cyb3rops/status/745171969897730048 https://t.co/piq4Qjz1Rt http://www.darknet.org.uk/2016/06/shadow-firefox-heap-exploitation-tool-jemalloc/ https://twitter.com/cyb3rops/status/745128628346724352 https://t.co/DmNLWV711r http://seclist.us/powerops-v0-9-powershell-for-offensive-operations.html https://twitter.com/cyb3rops/status/745128351740747777 https://t.co/Agy0KqNMYU https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/ https://twitter.com/cyb3rops/status/745128003936493570 https://t.co/GT0lbGM0VH http://www.fireeye.com/blog/threat-research/2016/06/red-line-drawn-china-espionage.html https://twitter.com/cyb3rops/status/745008523768127488 https://twitter.com/cyb3rops/status/745005217431814144 https://t.co/fh7NPkY9f5 https://blogs.technet.microsoft.com/mmpc/2016/06/20/reverse-engineering-dubniums-flash-targeting-exploit/ https://twitter.com/cyb3rops/status/744962680474247168 https://t.co/ga7mnN8WuB https://securelist.com/blog/research/75120/the-tip-of-the-iceberg-an-unexpected-turn-in-the-xdedic-story/ https://twitter.com/cyb3rops/status/744961735593984000 https://t.co/UNYdGL8knt http://googleprojectzero.blogspot.com/2016/06/exploiting-recursion-in-linux-kernel_20.html https://twitter.com/cyb3rops/status/744887778643742720 https://t.co/Hx9h7KyJSL http://blog.checkpoint.com/2016/06/20/cerber-ransomware-targets-u-s-turkey-and-the-uk-in-two-waves/ https://twitter.com/cyb3rops/status/744887538800820224 https://t.co/kXz4y8mi2w http://resources.infosecinstitute.com/understanding-critical-windows-artifacts-and-their-relevance-during-investigation-part-1/ https://twitter.com/cyb3rops/status/744878625380532225 
https://twitter.com/cyb3rops/status/744862787319410688 https://t.co/as8PVOD7Ww https://www.helpnetsecurity.com/2016/06/20/bloatware-gone-refresh-tool-windows/ https://twitter.com/cyb3rops/status/744830654811115520 https://t.co/ix4VizoinS https://www.fireeye.com/blog/threat-research/2016/06/resurrection-of-the-evil-miner.html https://twitter.com/cyb3rops/status/744829922154319873 https://twitter.com/cyb3rops/status/744829378375319552 https://t.co/ZVYApRGvCV http://www.useragentstring.com/index.php https://twitter.com/cyb3rops/status/744640978515013632 https://t.co/BC0yoSdZop http://gcc.godbolt.org/ https://twitter.com/cyb3rops/status/744593350720892929 https://twitter.com/cyb3rops/status/744494534374133760 https://t.co/FB7fTzfJPA https://youtu.be/Xl6tH0L1Bw4 https://twitter.com/cyb3rops/status/744319145769115648 https://t.co/WGXxSSyA3o http://seclist.us/usploit-framework-v1-2-very-basic-exploitpeneration-test-tool-framework.html https://twitter.com/cyb3rops/status/744242178885566464 https://t.co/EkJsdkMJEV http://lmgtfy.com/?q=inurl%3Aguccifer2.wordpress.com+New+docs+from+DNC+network https://twitter.com/cyb3rops/status/744199817430175744 https://t.co/ZfeUdQvxGq http://arstechnica.com/security/2016/06/college-student-schools-govs-and-mils-on-perils-of-arbitrary-code-execution/ https://twitter.com/cyb3rops/status/744142265879236608 https://t.co/fsvl5YdvQV http://www.slideshare.net/deenadayalancs/reverse-engineering-basics-63184458 https://twitter.com/cyb3rops/status/744075206990397440 https://t.co/BMl7ebdZvM http://blog.emsisoft.com/2016/06/15/raa-a-new-ransomware-variant-using-only-javascript/ https://twitter.com/cyb3rops/status/744074872754692097 https://t.co/I5eX08Rzmi https://www.thc.org/thc-hydra/ https://twitter.com/cyb3rops/status/744072264610643968 https://t.co/f6hX8A16cR https://isc.sans.edu/diary.html?storyid=21171&rss https://twitter.com/cyb3rops/status/744072038055354368 https://t.co/LK3Pprv6co 
http://seclist.us/binary-x86-shellcode-obfuscator-and-generator.html https://twitter.com/cyb3rops/status/743703447833239552 https://twitter.com/cyb3rops/status/743700150623690752 https://t.co/dEP7Gq6CJ8 https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft https://twitter.com/cyb3rops/status/743699709970132993 https://twitter.com/cyb3rops/status/743699287964426240 https://t.co/JRWgoxXg3P https://securelist.com/blog/research/75100/operation-daybreak/ https://twitter.com/cyb3rops/status/743690393535930368 https://t.co/Yx6StpvkVR https://blogs.mcafee.com/mcafee-labs/microsofts-june-patch-kills-potential-cfg-bypass/ https://twitter.com/cyb3rops/status/743690021194997761 https://t.co/KVt2oKylK2 https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2016/june/sakula-an-adventure-in-dll-planting/?page=1 https://twitter.com/cyb3rops/status/743571035317018624 https://t.co/MOyNOWsozS http://az4n6.blogspot.com/2016/06/how-to-image-mac-with-live-linux.html https://twitter.com/cyb3rops/status/743570801220329472 https://t.co/HMeeEiwgk1 http://seclist.us/snmpwn-an-snmpv3-user-enumerator-and-attack-tool.html https://twitter.com/cyb3rops/status/743480253025292288 https://t.co/sBOiq83Qiw http://blog.trendmicro.com/trendlabs-security-intelligence/why-ransomware-works-tactics-beyond-encryption/ https://twitter.com/cyb3rops/status/743479134853148672 https://t.co/1RNK1aiOmD http://www.welivesecurity.com/2016/06/16/nemucod-ups-its-game/ https://twitter.com/cyb3rops/status/743448515108544512 https://t.co/2NkINNXVum https://twitter.com/JGamblin/status/743439327603081220 https://twitter.com/cyb3rops/status/743445196889784320 https://twitter.com/cyb3rops/status/743444621271900160 https://t.co/GUklbI3h7d https://github.com/HurricaneLabs/machinae https://twitter.com/cyb3rops/status/743437523427418112 https://twitter.com/cyb3rops/status/743436017009557505 https://twitter.com/cyb3rops/status/743418178273951744 
https://twitter.com/cyb3rops/status/743371455543508992 https://t.co/4mNouUqmCH https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4971 https://twitter.com/cyb3rops/status/743361283748044800 https://t.co/tjgLq5tGio https://portal.cert.dfn.de/adv/DFN-CERT-2016-0959/ https://twitter.com/cyb3rops/status/743357844490067968 https://twitter.com/cyb3rops/status/743345526108618753 https://t.co/Mcv66YrXAQ http://arstechnica.com/security/2016/06/meet-xdedic-the-site-selling-access-to-thousands-of-hacked-gov-and-com-servers/ https://twitter.com/cyb3rops/status/743181244729593856 https://t.co/faJI6eRVwu https://github.com/tdifg/WebShell https://twitter.com/cyb3rops/status/743130533069197312 https://twitter.com/cyb3rops/status/743127016749322241 https://t.co/kXE62WPTHB https://t.co/ouoV8onAOX https://github.com/Neo23x0/signature-base/commit/a1927bb1e542e9320e76ed1883ac3a7a9cc021ca https://github.com/fox-it/mofang/ https://twitter.com/cyb3rops/status/743120009292087296 https://t.co/xxdrVwlchz https://infosecspeakeasy.org/t/howto-build-a-cuckoo-sandbox/27 https://twitter.com/cyb3rops/status/743104162653671424 https://t.co/FPjPu3okHf http://blog.trendmicro.com/trendlabs-security-intelligence/unsupported-teamviewer-versions-exploited-backdoors-keylogging/ https://twitter.com/cyb3rops/status/743103270604943361 https://t.co/XbDLfKtcbb http://www.forbes.com/sites/thomasbrewster/2016/06/14/microsoft-badtunnel-big-brother-windows-vulnerability/#2f1e85325c64 https://twitter.com/cyb3rops/status/743102568495210498 https://t.co/hdDxuFPwvb http://www.welivesecurity.com/2016/06/15/verticalscope-experiences-major-data-breach-45-million-records-stolen/ https://twitter.com/cyb3rops/status/743102380380676096 https://t.co/5gjvbA94O9 http://www.welivesecurity.com/2016/06/15/windows-10-security-privacy-depth-review-analysis/ https://twitter.com/cyb3rops/status/743101517373296644 https://t.co/7F08vF48J9 https://securelist.com/blog/research/75027/xdedic-the-shady-world-of-hacked-servers-for-sale/ 
https://twitter.com/cyb3rops/status/743098490331529216 https://t.co/R2Nx6FsJTO https://securelist.com/blog/research/75082/cve-2016-4171-adobe-flash-zero-day-used-in-targeted-attacks/ https://twitter.com/cyb3rops/status/742987414147305472 https://t.co/Cuwazictdl https://blog.fox-it.com/2016/06/15/mofang-a-politically-motivated-information-stealing-adversary/ https://twitter.com/cyb3rops/status/742963978121433088 https://t.co/wuW126IWa5 http://seclist.us/png-idat-chunks-payload-generator.html https://twitter.com/cyb3rops/status/742963424762703872 https://t.co/B9rfidhuWu https://blogs.technet.microsoft.com/mmpc/2016/06/14/wheres-the-macro-malware-author-are-now-using-ole-embedding-to-deliver-malicious-files/ https://twitter.com/cyb3rops/status/742963007140069376 https://t.co/cvKqqNWdED http://seclist.us/backdoor-apk-is-a-shell-script-that-simplifies-the-process-of-adding-a-backdoor-to-any-android-apk-file.html https://twitter.com/cyb3rops/status/742944525379850240 https://t.co/bMVsQQdJ4T https://t.co/gQ93mo9xnT https://t.co/pnrR7HW6VH https://github.com/Neo23x0/signature-base/blob/master/yara/apt_sofacy_jun16.yar http://pastebin.com/tkD2Vznc http://researchcenter.paloaltonetworks.com/2016/06/unit42-new-sofacy-attacks-against-us-government-agency/ https://twitter.com/cyb3rops/status/742830322732179456 https://t.co/N8AdjRJwOy http://www.harmj0y.net/blog/redteaming/where-my-admins-at-gpo-edition/ https://twitter.com/cyb3rops/status/742824235173859329 https://t.co/c6UlHhksVh http://arstechnica.com/security/2016/06/hackers-invade-dems-servers-steal-entire-trump-opposition-file/ https://twitter.com/cyb3rops/status/742809193288241153 https://t.co/pnrR7HW6VH http://researchcenter.paloaltonetworks.com/2016/06/unit42-new-sofacy-attacks-against-us-government-agency/ https://twitter.com/cyb3rops/status/742802235810295810 https://t.co/KzSrZmhJZw https://t.co/wjBCOtWMDj https://www.aldeid.com/wiki/SysAnalyzer/SysAnalyzer https://github.com/dzzie/SysAnalyzer 
https://twitter.com/cyb3rops/status/742750612908089344 https://t.co/qEJVkNq6Ct http://room362.com/post/2016/smb-http-auth-capture-via-scf/ https://twitter.com/cyb3rops/status/742746133705920512 https://t.co/s8aQXW5Hxi https://reaqta.com/2016/06/raa-ransomware-delivering-pony/ https://twitter.com/cyb3rops/status/742732049614770180 https://t.co/AHwBqoG7QZ https://www.helpnetsecurity.com/2016/06/14/another-historic-hack-leak-51-million-imesh-accounts/ https://twitter.com/cyb3rops/status/742711845463699457 https://t.co/S89g1ypeAC http://blog.morphisec.com/less-is-more-dangerous-a-dissection-of-fileless-in-memory-attacks https://twitter.com/cyb3rops/status/742670475126525953 https://t.co/3qHbmTaVn1 http://securityblog.gr/3457/import-nmap-results-into-nessus/ https://twitter.com/cyb3rops/status/742406521703796736 https://t.co/puA9VqLcPo http://www.theepochtimes.com/n3/2085775-exclusive-chinese-state-hackers-started-cyber-bank-robberies/ https://twitter.com/cyb3rops/status/742393108919390209 https://t.co/7DT9rD7zFA https://www.symantec.com/region/can/eng/press/2000/n000727.html https://twitter.com/cyb3rops/status/742378495787991040 https://twitter.com/cyb3rops/status/742351068189872128 https://twitter.com/cyb3rops/status/742330465605029888 https://t.co/W04Tlpl2mK https://www.bluecoat.com/company/press-releases/symantec-acquire-blue-coat-and-define-future-cybersecurity https://twitter.com/cyb3rops/status/742286772663689220 https://t.co/0P7l2kDql5 https://t.co/gOaxJP38WP https://github.com/Neo23x0/signature-base/blob/master/yara/apt_turla.yar https://www.govcert.admin.ch/blog/22/technical-report-about-the-ruag-espionage-case https://twitter.com/cyb3rops/status/742266057004621824 https://t.co/ei4CPs2kRW https://adsecurity.org/?p=1684 https://twitter.com/cyb3rops/status/742218161118937088 https://t.co/beoqPcjKaw http://seclist.us/httppwnly-an-xss-post-exploitation-framework.html https://twitter.com/cyb3rops/status/742050430256041988 https://t.co/cqFyDKqo6J 
https://www.bsk-consulting.de/2016/06/12/ioc-scanning-compulsory-and-freestyle/ https://twitter.com/cyb3rops/status/742001043119177728 https://t.co/4fnjsvTngW https://t.co/lf7pMVP1An https://www.pelock.com/products/obfuscator https://twitter.com/ForumDevStart/status/741992011557928960 https://twitter.com/cyb3rops/status/741993055666987008 https://twitter.com/cyb3rops/status/741986897153646594 https://t.co/4fnjsvTngW https://www.pelock.com/products/obfuscator https://twitter.com/cyb3rops/status/741985407672430592 https://twitter.com/cyb3rops/status/741947735142764544 https://twitter.com/cyb3rops/status/741947097541443584 https://t.co/Vf8oZ3JhPp https://github.com/gentilkiwi/mimikatz/blob/master/kiwi_passwords.yar https://twitter.com/cyb3rops/status/741944194038681600 https://twitter.com/cyb3rops/status/741914622597451777 https://twitter.com/cyb3rops/status/741913439434641408 https://twitter.com/cyb3rops/status/741781027824242688 https://t.co/ssxFB6bXyc http://www.teclib-edition.com/teclib-products/armadito-antivirus/ https://twitter.com/cyb3rops/status/741724242283245568 https://t.co/fq4Em0Zkf3 https://github.com/faizann24/XssPy https://twitter.com/cyb3rops/status/741630447491375104 https://t.co/pJyliz7M1f http://malwinator.com/anti-disassembly-used-in-malware-a-primer/ https://twitter.com/cyb3rops/status/741616536306233344 https://t.co/yGJLv2D6KH http://www.darknet.org.uk/2016/06/unicorn-powershell-downgrade-attack/ https://twitter.com/cyb3rops/status/741578066376413184 https://twitter.com/cyb3rops/status/741560677010165764 https://twitter.com/cyb3rops/status/741554799804579840 https://t.co/kwMsfupOAr http://www.cbc.ca/beta/news/technology/blackberry-taps-user-messages-1.3620186 https://twitter.com/cyb3rops/status/741553115191738368 https://t.co/9gMHtfA7Xs https://blog.malwarebytes.org/threat-analysis/2016/06/petya-and-mischa-ransomware-duet-part-2/ https://twitter.com/cyb3rops/status/741553033461571584 https://t.co/3DYJv3YCLB 
http://www.hexacorn.com/blog/2016/06/10/enter-sandbox-part-11-breaking-the-sandbox-literally/ https://twitter.com/cyb3rops/status/741552829026971648 https://t.co/Ddk9YnFbXH http://seclist.us/inspector-is-an-privilege-escalation-unix-helper-forensics-kernel-exploit-list-process.html https://twitter.com/cyb3rops/status/741548142802423808 https://t.co/gW3uOQrx7H https://www.trustwave.com/Resources/SpiderLabs-Blog/Linux-Kernel-ROP---Ropping-your-way-to---(Part-1)/ https://twitter.com/cyb3rops/status/741547448443756544 https://t.co/1Pyvsx9Z8W https://blogs.mcafee.com/mcafee-labs/testing-race-conditions-web-applications/ https://twitter.com/cyb3rops/status/741367836367585280 https://t.co/nYhEtsa8yF https://t.co/wiEUFf8INH https://github.com/Neo23x0/signature-base/commit/1b9ba2eb170174f4d8a1a54063b0778c8ae459ba http://pastebin.com/EBLuDD6f https://twitter.com/cyb3rops/status/741327301225373697 https://t.co/iucyodx9gx https://github.com/mthbernardes/ARTLAS/blob/master/README.md https://twitter.com/cyb3rops/status/741304291961524225 https://t.co/pWNGUFAhWr https://t.co/RnQTrFHQqI https://github.com/nccgroup/Cyber-Defence https://github.com/nccgroup/Cyber-Defence/blob/master/Technical%20Notes/Sakula/Sakula%20technical%20note%201.0.pdf https://twitter.com/cyb3rops/status/741240920843137024 https://t.co/qpaMPJ1b25 https://t.co/VA8YAJPv6X http://binary.ninja/ https://blog.trailofbits.com/2016/06/03/2000-cuts-with-binary-ninja/ https://twitter.com/cyb3rops/status/741206910850981888 https://t.co/fblf7RpFsk https://www.arbornetworks.com/blog/asert/communications-bolek-trojan/ https://twitter.com/cyb3rops/status/741206661231173633 https://t.co/McBe9ft4g2 http://resources.infosecinstitute.com/android-malware-analysis-2/ https://twitter.com/cyb3rops/status/741162650890076160 https://t.co/O7odRehGQq https://www.trustwave.com/Resources/SpiderLabs-Blog/Zero-Day-Auction-for-the-Masses/ https://twitter.com/cyb3rops/status/741162359994109952 https://t.co/9pUjO1YoeO 
https://blogs.technet.microsoft.com/mmpc/2016/06/09/reverse-engineering-dubnium-2/ https://twitter.com/cyb3rops/status/741047280787165184 https://twitter.com/cyb3rops/status/741041628593422336 https://t.co/4K6Ckexy4y https://blog.serverdensity.com/monitor-redis/ https://twitter.com/cyb3rops/status/741040829070987264 https://t.co/EclcwTYeuj http://blog.trendmicro.com/trendlabs-security-intelligence/jigsaw-crypto-ransomware-turns-customer-centric-uses-chat-ransom-attempts/ https://twitter.com/cyb3rops/status/741040582810869760 https://t.co/9SOUXjTl3J http://seclist.us/netftpbrute-a-bruteforce-pftp-connection-handler-to-bypass-strange-corporate-firewalls.html https://twitter.com/cyb3rops/status/741040127934353408 https://t.co/1b0grKZVFl http://www.clearskysec.com/dustysky2/ https://twitter.com/cyb3rops/status/741001627725922305 https://t.co/6L2WY9KhPT https://postmodernsecurity.com/2015/09/11/malware-analysis-and-incident-response-tools-for-the-frugal-and-lazy/ https://twitter.com/cyb3rops/status/740994871784275969 https://t.co/E7kNnLo1N0 http://blog.talosintel.com/2016/06/teslacrypt-decryptor.html https://twitter.com/cyb3rops/status/740803403924832257 https://t.co/ilPK400XfT http://blog.talosintel.com/2016/06/pdfium.html?m=1#more https://twitter.com/cyb3rops/status/740801987747401733 https://t.co/hGcq778nDj http://seclist.us/responder-v2-3-git-an-llmnr-nbt-ns-and-mdns-poisoner.html https://twitter.com/cyb3rops/status/740801658897195008 https://t.co/VpGvpckhz3 http://holisticinfosec.blogspot.de/2016/06/toolsmith-feature-highlight-autopsy.html?m=1 https://twitter.com/cyb3rops/status/740613014974550016 https://t.co/R8AKetY4Xq https://github.com/onionmail/onionmail https://twitter.com/cyb3rops/status/740532711849353216 https://t.co/EqLyQgIMlu https://labsblog.f-secure.com/2016/06/07/qarallax-rat-spying-on-us-visa-applicants/ https://twitter.com/cyb3rops/status/740444626381856768 https://twitter.com/cyb3rops/status/740442232281522177 https://t.co/mUBcNMahGX 
http://seclist.us/hercules-is-a-special-payload-generator-that-can-bypass-all-antivirus-software.html https://twitter.com/cyb3rops/status/740310475481714688 https://t.co/GkCfixLjh4 http://www.harmj0y.net/blog/powershell/upgrading-powerup-with-psreflect/ https://twitter.com/cyb3rops/status/740310255452717056 https://t.co/aHyzofJ4oq http://blog.trendmicro.com/trendlabs-security-intelligence/ransomware-leaves-server-keys-code/ https://twitter.com/cyb3rops/status/740310051638943745 https://t.co/geRejL8wGT http://blog.fortinet.com/2016/06/07/real-time-polymorphic-code-in-ransomware https://twitter.com/cyb3rops/status/740309656556408832 https://t.co/pR9vdMmkrc http://researchcenter.paloaltonetworks.com/2016/06/unit42-understanding-angler-exploit-kit-part-2-examining-angler-ek/ https://twitter.com/cyb3rops/status/740260044395171840 https://t.co/b2Y7vSpAV1 http://www.bleepingcomputer.com/news/security/teamviewer-apologizes-but-still-say-they-were-not-compromised/ https://twitter.com/cyb3rops/status/740243050744680448 https://t.co/y2CwswVTGX https://blog.didierstevens.com/2016/06/07/recovering-a-ransomed-pdf/amp/ https://twitter.com/cyb3rops/status/740242910633955328 https://t.co/58vT8zHE6S http://blog.fortinet.com/2016/06/06/weaving-the-security-fabric-together https://twitter.com/cyb3rops/status/740211654315626497 https://t.co/wdickBDItD https://community.rapid7.com/community/infosec/blog/2016/06/07/rapid7-releases-new-research https://twitter.com/cyb3rops/status/740211241038319616 https://t.co/MV2OCLFoJ7 https://www.blueliv.com/research/inside-tinba-infection-stage-1/ https://twitter.com/cyb3rops/status/740210980471341056 https://t.co/LpuviG9rHv http://www.fireeye.com/blog/threat-research/2016/06/rotten_apples_apple.html https://twitter.com/cyb3rops/status/740210710463025153 https://t.co/2dpoblCkLu http://seclist.us/%c2%b5sploit-framework-is-very-basic-exploitpeneration-test-tool-framework.html https://twitter.com/cyb3rops/status/740210261907394561 
https://t.co/5uzjn8YXWY http://www.welivesecurity.com/2016/06/07/beyond-teslacrypt-crysis-family-lays-claim-parts-territory/ https://twitter.com/cyb3rops/status/740208873697579009 https://t.co/XSZlG9BmSO https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml https://twitter.com/cyb3rops/status/740200700307738624 https://t.co/0ubChKWwNz https://www.secureworks.com/blog/malware-lingers-with-bits https://twitter.com/cyb3rops/status/740125447904759808 https://twitter.com/cyb3rops/status/740124914963865600 https://twitter.com/cyb3rops/status/740124578064805888 https://t.co/wxwQhaHEMZ https://www.bsk-consulting.de/2016/04/15/how-to-write-simple-but-sound-yara-rules-part-3/ https://twitter.com/cyb3rops/status/740111372638425088 https://twitter.com/cyb3rops/status/740101588010799104 https://t.co/obkd150z5o https://github.com/emposha/PHP-Shell-Detector https://twitter.com/cyb3rops/status/740057323197104129 https://t.co/lswucsfCWD http://blog.fortinet.com/2016/06/06/analysis-of-use-after-free-vulnerability-cve-2016-4119-in-adobe-acrobat-and-reader https://twitter.com/cyb3rops/status/740048648684310532 https://t.co/UbhXSbw2W2 https://blogs.mcafee.com/mcafee-labs/threat-actors-employ-com-technology-shellcode-evade-detection/ https://twitter.com/cyb3rops/status/740047279239892992 https://t.co/GpwfBYLx1B https://github.com/nojhan/liquidprompt/blob/master/README.md https://twitter.com/cyb3rops/status/739948256889823232 https://t.co/sLOX8GUTCp https://blogs.mcafee.com/mcafee-labs/locky-ransomware-hides-under-multiple-obfuscated-layers-of-javascript/ https://twitter.com/cyb3rops/status/739879537543155712 https://t.co/nROzFJMGvS http://cyber-defense.sans.org/blog/2016/06/06/powershell-7-zip-compress-archive-encryption https://twitter.com/cyb3rops/status/739879297125613568 https://t.co/3YLjiGyhTb https://www.insinuator.net/2016/06/samlrequest-burpsuite-extention/ https://twitter.com/cyb3rops/status/739879228049612802 https://t.co/sechYokAxv 
http://www.toolswatch.org/2016/06/vfeed-api-0-6-8-introduction-of-wasc-v2-0-mapping/ https://twitter.com/cyb3rops/status/739878483975897088 https://t.co/O8RJH1cReH http://blog.checkpoint.com/2016/06/06/zcrypt-the-ransomware-virus-hybrid/ https://twitter.com/cyb3rops/status/739688415621447680 https://t.co/q5TnXcWzIg http://arstechnica.com/security/2016/06/teamviewer-says-theres-no-evidence-of-2fa-bypass-in-mass-account-hack/ https://twitter.com/cyb3rops/status/739553325251760128 https://t.co/weUdhPB6bR http://seclist.us/lamma-vulnerability-assessment-and-auditing-framework-for-all-the-crypto-implementations.html https://twitter.com/cyb3rops/status/739518190737358848 https://t.co/nSzRMsrlQt http://alexaltea.github.io/keystone.js https://twitter.com/cyb3rops/status/739483313497346050 https://t.co/o0VkjMoNyz http://seclist.us/crackmapexec-v3-1-codename-duches-a-swiss-army-knife-for-pentesting-windowsactive-directory-environments.html https://twitter.com/cyb3rops/status/739120181616742400 https://t.co/ub885GUxsl https://github.com/Neo23x0/signature-base/commit/bfdf1bba60cb2a63dc669a7c305f1f3cdbe174ee https://twitter.com/cyb3rops/status/739097702974300160 https://twitter.com/cyb3rops/status/739080516461338624 https://twitter.com/cyb3rops/status/739017631093690368 https://twitter.com/cyb3rops/status/738871772913750017 https://t.co/dKfRbNCYzS http://arstechnica.com/security/2016/06/teamviewer-users-are-being-hacked-in-bulk-and-we-still-dont-know-how/ https://twitter.com/cyb3rops/status/738783061496717312 https://t.co/Zux6MWlY4E http://researchcenter.paloaltonetworks.com/2016/06/unit42-understanding-angler-exploit-kit-part-1-exploit-kit-fundamentals/ https://twitter.com/cyb3rops/status/738771047684706306 https://t.co/oXEvxdc70p https://draculatheme.com/ https://twitter.com/cyb3rops/status/738695608249253888 https://t.co/op5kUcR2X9 http://x64dbg.com https://twitter.com/cyb3rops/status/738665494098677760 https://t.co/xTLYOMAPS1 
http://www.theinquirer.net/inquirer/news/2395635/microsoft-to-charge-usd600-per-server-for-windows-server-2003-holdouts https://twitter.com/cyb3rops/status/738615151935393793 https://t.co/CqqgnfgqmB https://citizenlab.org/2016/05/stealth-falcon/ https://twitter.com/cyb3rops/status/738614078042570752 https://t.co/31kqw9Hdh4 http://seclist.us/tomcatwardeployer-apache-tomcat-auto-war-deployment-pwning-penetration-testing-tool.html https://twitter.com/cyb3rops/status/738613792087494656 https://t.co/TjegeddT8A https://blogs.mcafee.com/mcafee-labs/trillium-exploit-kit-update-offers-security-tips/ https://twitter.com/cyb3rops/status/738613537031913473 https://t.co/fcR3Wi4nlR http://blog.trendmicro.com/trendlabs-security-intelligence/fastpos-quick-and-easy-credit-card-theft/ https://twitter.com/cyb3rops/status/738613394127753216 https://t.co/fNI2ul4kxk http://www.fireeye.com/blog/threat-research/2016/06/apt_group_sends_spea.html https://twitter.com/cyb3rops/status/738485631408582657 https://twitter.com/cyb3rops/status/738481444696293377 https://t.co/Bhsm7CDedl https://www.fireeye.com/blog/threat-research/2016/06/irongate_ics_malware.html https://twitter.com/cyb3rops/status/738481048116469761 https://t.co/gNWrks9h1e http://blog.fortinet.com/2016/05/30/misconfigured-nfs-servers-put-thousands-of-terabytes-of-data-at-risk https://twitter.com/cyb3rops/status/738422366674522112 https://t.co/W1yRdzeiAP http://www.welivesecurity.com/2016/06/02/crouching-tiger-hidden-dns/ https://twitter.com/cyb3rops/status/738421523548098560 https://t.co/LdLiLic2a6 http://blog.fortinet.com/2016/06/02/threat-landscape-perspectives-teamviewer-misdirection-like-spy-vs-spy https://twitter.com/cyb3rops/status/738407291435749376 https://t.co/aDuGSvu8J8 https://github.com/tfairane/HackStory/blob/master/McAfeePrivesc.md https://twitter.com/cyb3rops/status/738401694179024896 https://twitter.com/cyb3rops/status/738304748001103872 https://t.co/APEIVAXEgn 
http://grimhacker.com/2015/04/10/gp3finder-group-policy-preference-password-finder/ https://twitter.com/cyb3rops/status/738264754360307712 https://t.co/MJMBIqYaRa https://play.google.com/store/apps/details?id=su.sniff.cepter&hl=en https://twitter.com/cyb3rops/status/738141744592650241 https://t.co/DRbYfb3b8u https://github.com/wg/arc https://twitter.com/cyb3rops/status/738135563484594178 https://t.co/04oDfE7pwx http://www.unixstickers.com/tag/kali?code=candy1625&aic=XWHLTSG https://twitter.com/cyb3rops/status/738046349699076096 https://twitter.com/cyb3rops/status/738041870035607552 https://t.co/iis7H5UNVX http://seclists.org/fulldisclosure/2016/Jun/2 https://twitter.com/cyb3rops/status/738041570436481024 https://t.co/8QFab1lCDK http://cyber-defense.sans.org/blog/2016/06/01/powershell-function-to-send-udp-syslog-message-packets https://twitter.com/cyb3rops/status/738041157733777408 https://t.co/ZDqrMPjZWP http://arstechnica.com/security/2016/06/how-pc-makers-make-you-vulnerable-to-man-in-the-middle-attacks-out-of-the-box/ https://twitter.com/cyb3rops/status/738004448967020547 https://t.co/gAOEn90tHq https://www.virustotal.com/en/file/0872eeda07b7092210c69219b3272e08f4d99388e873b1060617a888f68fba0f/analysis/ https://twitter.com/cyb3rops/status/737932538581225472 https://t.co/Tg6cfrN5JP https://adaclscan.codeplex.com/ https://twitter.com/cyb3rops/status/737918868400832513 https://t.co/Gp3eFEOrkX https://www.helpnetsecurity.com/2016/06/01/tor-browser-6-0-released/ https://twitter.com/cyb3rops/status/737890012432326656 https://t.co/KZwFMVmgaY https://github.com/irsdl/BurpSuiteJSBeautifier https://twitter.com/cyb3rops/status/737889564250017793 https://t.co/snRIhrW8sC https://blog.didierstevens.com/2016/06/01/major-update-for-zipdump-py/amp/ https://twitter.com/cyb3rops/status/737889172522962944 https://t.co/O7odRehGQq https://www.trustwave.com/Resources/SpiderLabs-Blog/Zero-Day-Auction-for-the-Masses/ https://twitter.com/cyb3rops/status/737742844602011648 
https://t.co/a1PebTl55a https://reaqta.com/2016/05/locky-ransomware-new-loader/ https://twitter.com/cyb3rops/status/737742485674414080 https://t.co/olq0EtIA4Z http://seclist.us/tls-attacker-v1-1-is-a-java-based-framework-for-analyzing-tls-libraries.html https://twitter.com/cyb3rops/status/737682002565079040 https://t.co/034QGlTNHm http://seclist.us/wpad_audit-is-a-quick-and-easy-method-to-audit-net-applications-for-wpad-mitm-attacks-over-http-and-https.html https://twitter.com/cyb3rops/status/737681467564826624 https://t.co/ZEOEMmUt7f http://www.darknet.org.uk/2016/05/wfuzz/ https://twitter.com/cyb3rops/status/737228654539878400 https://twitter.com/cyb3rops/status/737143078700634113 https://t.co/CwHiu4TofX https://blogs.technet.microsoft.com/mmpc/2016/05/29/%e2%80%8bduqu-2-0-kernel-exploitation-technique-analysis-part-1-of-2-3/ https://twitter.com/cyb3rops/status/737073386271199232 https://t.co/3N2MDAidrs http://seclist.us/the-rekall-memory-forensic-framework-v1-5-1-furka.html https://twitter.com/cyb3rops/status/737031110702419968 https://t.co/TaulR8HWaC http://www.pcworld.com/article/3075284/hardware/us-government-agencies-are-still-using-windows-31-floppy-disks-and-1970s-computers.html https://twitter.com/cyb3rops/status/736749484395384832 https://t.co/iJdaaJYHsT http://www.malware-reversing.com/2016/05/what-have-h1n1-loader-treasurehunter.html?m=1 https://twitter.com/cyb3rops/status/736735602549370880 https://t.co/Be8fGJtjG7 https://cdn.ampproject.org/c/s/cyberarms.wordpress.com/2016/05/28/dns-spoofing-with-nethunter-csploit-kali-linux/amp/ https://twitter.com/cyb3rops/status/736713108169871360 https://t.co/nt9xGfecEV http://seclist.us/airgeddon-v3-33-this-is-a-multi-use-bash-script-for-linux-systems-to-audit-wireless-networks.html https://twitter.com/cyb3rops/status/736591499304050688 https://twitter.com/cyb3rops/status/736577067706404864 https://t.co/BZxp0WQfS6 
https://blogs.windows.com/windowsexperience/2016/05/26/announcing-windows-10-insider-preview-build-14352/ https://twitter.com/cyb3rops/status/736565348208680960 https://t.co/YfDGsF4UlR https://blogs.technet.microsoft.com/mmpc/2016/05/26/limited-periodic-scanning-in-windows-10-to-provide-additional-malware-protection/ https://twitter.com/cyb3rops/status/736532552500940800 https://t.co/KegkKCvvsM https://blog.malwarebytes.org/101/2016/05/process-explorer-part-2/ https://twitter.com/cyb3rops/status/736218962262929408 https://t.co/C41RyinpC5 http://blog.trendmicro.com/trendlabs-security-intelligence/ixeshe-derivative-iheate-targets-users-america/ https://twitter.com/cyb3rops/status/736058206141587456 https://t.co/WkHxPwMFa2 http://jasonpark.me/AlgorithmVisualizer/ https://twitter.com/cyb3rops/status/735909503594598400 https://twitter.com/cyb3rops/status/735842633403277313 https://t.co/mTSzRLjQ5I http://blog.hackersonlineclub.com/2016/05/wpscrackgui-gui-cracking-for-wps_26.html https://twitter.com/cyb3rops/status/735841267209412608 https://t.co/TcGLfl1rUN https://upribox.org/ https://twitter.com/cyb3rops/status/735667894428672003 https://t.co/8LnMwa9cuJ http://arstechnica.com/information-technology/2016/05/major-dns-provider-hit-by-mysterious-focused-ddos-attack/ https://twitter.com/cyb3rops/status/735667391619727360 https://t.co/uPhO01Ywkg http://cyber-defense.sans.org/blog/2016/05/25/launch-powershell-script-from-within-keepass-and-include-password-secure-string-credential https://twitter.com/cyb3rops/status/735665761998409728 https://t.co/bXXmKZbxsQ https://blog.malwarebytes.org/cybercrime/2016/05/new-wave-of-malvertising-leverages-latest-flash-exploit/ https://twitter.com/cyb3rops/status/735665016574091265 https://t.co/qZXQKZE6OM http://blog.jpcert.or.jp/2016/05/classifying-mal-a988.html https://twitter.com/cyb3rops/status/735638904418668544 https://t.co/ieXqcX3DJ6 https://github.com/misterch0c/malSploitBase https://twitter.com/cyb3rops/status/735599644873392128 
https://t.co/KUJjmnNAPO https://github.com/Neo23x0/signature-base/commit/b302b84740cbc5062f474f80380484c1d9f99b10 https://twitter.com/cyb3rops/status/735591646935449602 https://t.co/hffflDsODf https://docs.google.com/spreadsheets/d/1H9_xaxQHpWaa4O_Son4Gx0YOIzlcBWMsdvePFX68EKU/pubhtml# https://twitter.com/cyb3rops/status/735497655082573824 https://twitter.com/cyb3rops/status/735497539017805826 https://t.co/WaiDhkoxzr http://austingwalters.com/export-a-command-line-curl-command-to-an-executable/ https://twitter.com/cyb3rops/status/735462202161790976 https://t.co/aznzQRfA1R https://securelist.com/analysis/publications/74828/cve-2015-2545-overview-of-current-threats/ https://twitter.com/cyb3rops/status/735157642251771904 https://t.co/FmFFIVOuGS https://twitter.com/nVisium/status/734797950195503104 https://twitter.com/cyb3rops/status/735148685340745728 https://t.co/vxR1TulwOS https://github.com/Neo23x0/signature-base/blob/master/yara/apt_ruag.yar https://twitter.com/cyb3rops/status/735141238333022209 https://twitter.com/cyb3rops/status/734914453536309248 https://t.co/QsfzKOXLQL http://seclist.us/utilities-for-finding-windows-executable-in-xored-data-using-key-or-brute-force-method.html https://twitter.com/cyb3rops/status/734913820578086914 https://t.co/775nfQn58e https://github.com/benjojo/totp-ssh-fluxer/ https://twitter.com/cyb3rops/status/734858722502025217 https://t.co/QEjQ0FM405 http://www.darknet.org.uk/2016/05/captipper-explore-malicious-http-traffic/ https://twitter.com/cyb3rops/status/734857431235207168 https://t.co/m6bsdw8SD7 http://researchcenter.paloaltonetworks.com/2016/05/operation-ke3chang-resurfaces-with-new-tidepool-malware/ https://twitter.com/cyb3rops/status/734856905244299264 https://t.co/6MRolkiE4J https://blog.malwarebytes.org/threat-analysis/2016/05/dma-locker-4-0-known-ransomware-preparing-for-a-massive-distribution/ https://twitter.com/cyb3rops/status/734802386963701760 https://t.co/gOaxJOLxyf 
https://www.govcert.admin.ch/blog/22/technical-report-about-the-ruag-espionage-case https://twitter.com/cyb3rops/status/734486498314178561 https://t.co/DjwbKfxU0w http://seclist.us/sshhipot-high-interaction-mitm-ssh-honeypot.html https://twitter.com/cyb3rops/status/734207280523051008 https://t.co/zgKcWcWcxJ http://www.bloomberg.com/news/articles/2016-05-16/twitter-to-stop-counting-photos-and-links-in-140-character-limit https://twitter.com/cyb3rops/status/734148983572992001 https://t.co/0PmTUllNUM http://seclist.us/nosqlmap-v0-5-1-1-automated-mongo-database-and-nosql-web-application-exploitation-tool.html https://twitter.com/cyb3rops/status/734148061472034817 https://t.co/5nT4Ja9kBE https://github.com/NVIDIA/nvidia-docker https://twitter.com/cyb3rops/status/734006163008716800 https://t.co/QhXaaveCuI https://t.co/n376bOJUN1 https://blogs.msdn.microsoft.com/kebab/2014/04/28/executing-powershell-scripts-from-c/ https://github.com/Ben0xA/nps https://twitter.com/cyb3rops/status/733844474678251521 https://t.co/w79VfBcsTG https://blogs.mcafee.com/mcafee-labs/attacks-swift-banking-system-benefit-insider-knowledge/ https://twitter.com/cyb3rops/status/733844328431288320 https://t.co/9KE4pw2xDO http://www.fireeye.com/blog/threat-research/2016/05/how_rtf_malware_evad.html https://twitter.com/cyb3rops/status/733844238551506945 https://t.co/xyrA3RSqtA http://blog.trendmicro.com/trendlabs-security-intelligence/will-cryptxxx-replace-teslacrypt-ransomware-shakedown/ https://twitter.com/cyb3rops/status/733844165646110720 https://t.co/z1qOlCFlse https://blogs.mcafee.com/mcafee-labs/malware-mystery-jsnemucod-downloads-legitimate-installer/ https://twitter.com/cyb3rops/status/733636121414893570 https://twitter.com/cyb3rops/status/733635221766070272 https://t.co/JiSk8dLY74 https://github.com/andlabs/libui https://twitter.com/cyb3rops/status/733634664854757376 https://t.co/gq68a2bXHY https://github.com/BYVoid/Batsh/blob/master/README.md 
https://twitter.com/cyb3rops/status/733633002916347904 https://t.co/dHg0xbTpUt http://www.malwaretech.com/2016/05/dridex-updates-payload-distribution.html https://twitter.com/cyb3rops/status/733468632085192705 https://t.co/FUoRzyQubw https://blog.malwarebytes.org/threat-analysis/2016/05/petya-and-mischa-ransomware-duet-p1/ https://twitter.com/cyb3rops/status/733349402643943425 https://t.co/d3FT9KGWB0 https://creativecommons.org/licenses/by-nc-sa/4.0/ https://twitter.com/cyb3rops/status/733345126819332096 https://twitter.com/cyb3rops/status/733343126002094080 https://t.co/rkaDrK1UEl https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1287 https://twitter.com/cyb3rops/status/733336719437635584 https://t.co/D6ujpyZYXa https://github.com/eliangcs/http-prompt https://twitter.com/cyb3rops/status/733301535237541888 https://t.co/ny9G7iEgen https://blog.rootshell.be/2014/08/28/check-point-firewall-logs-and-logstash-elk-integration/ https://twitter.com/cyb3rops/status/733078864864256000 https://t.co/ipdkKDuriI https://www.vmware.com/security/advisories/VMSA-2016-0005.html https://twitter.com/cyb3rops/status/733074153704562688 https://twitter.com/cyb3rops/status/733023462411755520 https://t.co/P8CvUE9zC6 http://www.welivesecurity.com/2016/05/18/eset-releases-decryptor-recent-variants-teslacrypt-ransomware/ https://twitter.com/cyb3rops/status/732955525592272896 https://t.co/FMGcX2iJPR http://www.welivesecurity.com/2016/05/18/groundbait/ https://twitter.com/cyb3rops/status/732942062757269504 https://t.co/GYXNnVY02i https://magento.com/security/patches/magento-206-security-update https://twitter.com/cyb3rops/status/732772845772738560 https://twitter.com/cyb3rops/status/732772605158162432 https://t.co/XrWsdLifcx https://t.co/ck1WDAEofn https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pub?output=xlsx https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pub?output=ods 
https://twitter.com/cyb3rops/status/732575486694559744 https://t.co/kuE7C3inuO https://www.helpnetsecurity.com/2016/05/17/bug-symantec-anti-virus-engine/ https://twitter.com/cyb3rops/status/732573927541592064 https://t.co/aDf91NU3GZ http://halcyon-ide.org/ https://twitter.com/cyb3rops/status/732566242108805120 https://t.co/CTnNyqgWUj http://blog.cloudflare.com/the-sleepy-user-agent/ https://twitter.com/cyb3rops/status/732328350883151872 https://twitter.com/cyb3rops/status/732325619007148032 https://twitter.com/cyb3rops/status/732324877810728961 https://twitter.com/cyb3rops/status/732324036559142912 https://t.co/EOFrIyjHSp https://worldofvnc.net/ https://twitter.com/cyb3rops/status/732244338936287232 https://t.co/ByMdY5TEss http://az4n6.blogspot.com/2016/05/quicklook-python-parser-all-your-blobs.html https://twitter.com/cyb3rops/status/732243978834284544 https://t.co/PG7vwJMcI0 http://www.darknet.org.uk/2016/05/backdoor-factory-bdf-patch-binaries-shellcode/ https://twitter.com/cyb3rops/status/731978469928734720 https://t.co/hszh3W0MAV https://www.greyhathacker.net/?p=500 https://twitter.com/cyb3rops/status/731975419365343232 https://t.co/T5BsbZC1ea https://virtualception.wordpress.com/ https://twitter.com/cyb3rops/status/731841760830361601 https://t.co/Wcv3KRkB5T https://t.co/q7GhzFJPwu https://bluesoul.me/2016/05/12/use-gpo-to-change-the-default-behavior-of-potentially-malicious-file-extensions/ https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml# https://twitter.com/cyb3rops/status/731586719728963584 https://t.co/J8qeq71LsD https://github.com/P0cL4bs/WiFi-Pumpkin/ https://twitter.com/cyb3rops/status/731486454346620932 https://t.co/n72AkpNhse https://github.com/OJ/gobuster https://twitter.com/cyb3rops/status/731483232768819200 https://t.co/3XT3ASXj6V http://seclist.us/revdk3-acces-point-pentest-script.html https://twitter.com/cyb3rops/status/731299858242473986 https://t.co/XsTHJgeb91 
http://www.fireeye.com/blog/threat-research/2016/05/cve-2016-4117-flash-zero-day.html https://twitter.com/cyb3rops/status/731201427926876160 https://t.co/mFkG3IaTEr http://blog.trendmicro.com/trendlabs-security-intelligence/new-flash-vulnerability-cve-2016-4117-shares-similarities-with-older-pawn-storm-exploit/ https://twitter.com/cyb3rops/status/731167325660057600 https://t.co/doIa3g6fLE https://github.com/donnemartin/gitsome https://twitter.com/cyb3rops/status/731162598113198083 https://t.co/Rm1nf7o3XS http://googleresearch.blogspot.com/2016/05/announcing-syntaxnet-worlds-most.html https://twitter.com/cyb3rops/status/731161518163791872 https://t.co/CtENJ6xk4Q https://malwaremusings.com/2016/05/13/analysing-cryptolocker-with-unpack-py-network-communications-part-3/ https://twitter.com/cyb3rops/status/731160743182254081 https://t.co/orqjBPhAKM http://seclist.us/cypher-is-a-simple-tool-to-automate-adding-shellcode-to-pe-files.html https://twitter.com/cyb3rops/status/731136176971776000 https://twitter.com/cyb3rops/status/731134229887778816 https://t.co/i6ia3WuQhk https://t.co/EWKLn7GyB8 https://www.theobjectivestandard.com/issues/2008-winter/net-neutrality/ https://reason.com/archives/2015/04/18/how-to-break-the-internet https://twitter.com/cyb3rops/status/731133715175383040 https://t.co/i6ia3WuQhk https://www.theobjectivestandard.com/issues/2008-winter/net-neutrality/ https://twitter.com/cyb3rops/status/731074166493982720 https://t.co/eVMCsORw1L http://baesystemsai.blogspot.com/2016/05/cyber-heist-attribution.html?m=1 https://twitter.com/cyb3rops/status/730865342084468738 https://t.co/FFZo4SXKFf http://www.powertheshell.com/powershell-obfuscator/ https://twitter.com/cyb3rops/status/730863273571176448 https://t.co/skiuHOA9x6 http://www.fireeye.com/blog/threat-research/2016/05/cerber_ransomware_partners_with_Dridex.html https://twitter.com/cyb3rops/status/730823399900123140 https://twitter.com/cyb3rops/status/730813351534710784 https://t.co/XSZlG9BmSO 
https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml https://twitter.com/cyb3rops/status/730812124881141760 https://twitter.com/cyb3rops/status/730810575064842240 https://t.co/XSZlG9BmSO https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml https://twitter.com/cyb3rops/status/730810177914568704 https://twitter.com/cyb3rops/status/730808319145877504 https://twitter.com/cyb3rops/status/730804179300651008 https://twitter.com/cyb3rops/status/730802786917552129 https://t.co/XSZlG9BmSO https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml https://twitter.com/cyb3rops/status/730802558038618112 https://twitter.com/cyb3rops/status/730800378388811777 https://twitter.com/cyb3rops/status/730787775461625856 https://twitter.com/cyb3rops/status/730757744811249664 https://t.co/UmCIaQu9OD https://github.com/jkbrzt/httpie https://twitter.com/cyb3rops/status/730555980673650690 https://t.co/cqElThPOyk https://chrome.google.com/webstore/detail/hasher/kignjplbjlocolcfldfhbonmbblpfbjb https://twitter.com/cyb3rops/status/730456055126339585 https://t.co/HDm6vsuOR0 http://blog.trendmicro.com/trendlabs-security-intelligence/pawn-storm-targets-german-christian-democratic-union/ https://twitter.com/cyb3rops/status/730354589208293378 https://t.co/ualIT6Y2xU https://www.helpnetsecurity.com/2016/05/11/docker-security-scanning/ https://twitter.com/cyb3rops/status/730353588933931008 https://t.co/4uZmEGvnwM http://seclist.us/droidfuzzer-a-modular-android-fuzzing-toolkit.html https://twitter.com/cyb3rops/status/730194915993505793 https://t.co/NRCTF713t4 https://n0where.net/fast-golang-dns-proxy-grimd/ https://twitter.com/cyb3rops/status/730160398582812673 https://twitter.com/cyb3rops/status/730118660405264385 https://t.co/GOzI1ZaBup http://seclist.us/inveigh-v1-1-1-is-a-windows-powershell-llmnrnbns-spoofer.html https://twitter.com/cyb3rops/status/730118266312601600 
https://t.co/coEPsTNVjX http://www.fireeye.com/blog/threat-research/2016/05/windows-zero-day-payment-cards.html https://twitter.com/cyb3rops/status/729988670997073920 https://t.co/24u4ONiaId http://securityblog.gr/3399/fast-disassembler-decomposer-library/ https://twitter.com/cyb3rops/status/729843922575491073 https://t.co/L9QioaVKur https://blogs.technet.microsoft.com/mmpc/2016/05/09/gamarue-nemucod-and-javascript/ https://twitter.com/cyb3rops/status/729843586653622274 https://t.co/kIZG53DY1W http://blog.cloudflare.com/python-cloudflare/ https://twitter.com/cyb3rops/status/729843438561144836 https://t.co/ABxV3m1Edo https://blogs.mcafee.com/mcafee-labs/49554/ https://twitter.com/cyb3rops/status/729843192946929665 https://t.co/cz2O1GZcVK http://seclist.us/pulsar-v0-1-dev-stateful-black-box-fuzzing-of-proprietary-network-protocols.html https://twitter.com/cyb3rops/status/729843060050411520 https://t.co/oqUWZkV4vW https://panopticon.re/ https://twitter.com/cyb3rops/status/729797502019448833 https://t.co/SgiEUBdizy http://blog.gdssecurity.com/labs/2016/5/9/local-request-forgery.html https://twitter.com/cyb3rops/status/729649040930045952 https://twitter.com/cyb3rops/status/729643353487376384 https://twitter.com/cyb3rops/status/729642687687733248 https://t.co/o3NyWcscHl https://t.co/Gcb2IHFwTL http://detux.org/ https://github.com/detuxsandbox/detux/ https://twitter.com/cyb3rops/status/729377116479991808 https://t.co/hIyJio2EUS https://github.com/joelpx/plasma https://twitter.com/cyb3rops/status/729315009562546176 https://t.co/PabM8qU1gS https://github.com/bartblaze/PHP-backdoors https://twitter.com/cyb3rops/status/729314691093278724 https://t.co/UJjHdeRP15 http://seclist.us/npcap-v0-07-r2-is-the-nmap-projects-packet-sniffing-library-for-windows.html https://twitter.com/cyb3rops/status/728994730185527297 https://twitter.com/cyb3rops/status/728943748395184128 https://t.co/NmIQ9pX1zc http://windowsir.blogspot.com/2016/05/accessing-historical-information-during.html 
https://twitter.com/cyb3rops/status/728919263868768256 https://t.co/UVVeUUyZ37 http://seclist.us/xcat-is-a-command-line-program-that-aides-in-the-exploitation-of-blind-xpath-injection-vulnerabilities.html https://twitter.com/cyb3rops/status/728892668407889920 https://t.co/CkuyMwof6L http://seclist.us/mimikatz-v2-1-alpha-20160506-oe-eo-edition-a-little-tool-to-play-with-windows-security.html https://twitter.com/cyb3rops/status/728666134514388993 https://t.co/7JhcuwN9Va http://www.darknet.org.uk/2016/05/wafw00f-fingerprint-identify-web-application-firewall-waf-products/ https://twitter.com/cyb3rops/status/728642858853511173 https://t.co/0dz4kGGehg https://zeltser.com/honeytokens-canarytokens-setup/ https://twitter.com/cyb3rops/status/728568493168283650 https://t.co/UARrpeKkVK http://pwc.blogs.com/cyber_security_updates/2016/05/exploring-cve-2015-2545-and-its-users.html https://twitter.com/cyb3rops/status/728500676767158272 https://t.co/6rlRplzM3B http://seclist.us/atscan-v8-5-stable-perl-script-for-vulnerable-server-site-and-dork-scanner.html https://twitter.com/cyb3rops/status/728497636072927232 https://t.co/fzvXfoB2EI http://blog.eckelberry.com/a-bomb-just-dropped-in-endpoint-security-and-im-not-sure-anyone-noticed/ https://twitter.com/cyb3rops/status/728309767052111875 https://t.co/OnBYnTNKfA https://blog.cylance.com/an-introduction-to-alphalocker https://twitter.com/cyb3rops/status/728309148778176512 https://t.co/FTvaLqWwxP https://www.sentinelone.com/blogs/sophisticated-new-packer-identified-in-cryptxxx-ransomware-sample/ https://twitter.com/cyb3rops/status/728308830736683008 https://t.co/fpLQk4W40W http://www.fireeye.com/blog/threat-research/2016/05/exploiting_cve-2016-.html https://twitter.com/cyb3rops/status/728308483230183424 https://t.co/2QGcjkzgl0 http://resources.infosecinstitute.com/snort-lab-activate-dynamic-rules/ https://twitter.com/cyb3rops/status/728307923932332032 https://t.co/k1g3O2WpV4 
http://arstechnica.com/security/2016/05/5-year-old-android-vulnerability-exposes-texts-and-call-histories/ https://twitter.com/cyb3rops/status/728081611988738048 https://t.co/2D23Bqt5Vm http://blog.virustotal.com/2016/05/maintaining-healthy-community.html https://twitter.com/cyb3rops/status/727991776217288706 https://t.co/YHDbAcjkdL http://blog.fortinet.com/post/a-new-variant-of-locky-leaking-out https://twitter.com/cyb3rops/status/727895783756967936 https://twitter.com/cyb3rops/status/727882692394618880 https://twitter.com/cyb3rops/status/727881933556953088 https://t.co/7WsbZd3y3p https://www.bsk-consulting.de/2016/05/04/how-to-fall-victim-to-apt/ https://twitter.com/cyb3rops/status/727871153042272256 https://t.co/wPLJJDOdr8 http://www.threatgeek.com/2016/05/turbo-twist-two-64-bit-derusbi-strains-converge.html https://twitter.com/cyb3rops/status/727745376850202624 https://t.co/0w6RPme991 http://blog.trendmicro.com/trendlabs-security-intelligence/lost-door-rat-accessible-customizable-attack-tool/ https://twitter.com/cyb3rops/status/727745173426425857 https://t.co/SyhWhktx7I http://blog.talosintel.com/2016/05/angler-phish.html https://twitter.com/cyb3rops/status/727547382016122880 https://t.co/F2Dt0eXM0K https://blog.malwarebytes.org/101/2016/05/process-explorer-an-introduction/ https://twitter.com/cyb3rops/status/727545099182329856 https://t.co/A0jyq8zTpT https://blog.netspi.com/using-powershell-identify-federated-domains/ https://twitter.com/cyb3rops/status/727389388624240641 https://twitter.com/cyb3rops/status/727185437303955456 https://t.co/XkHVc07f7X http://blogs.cisco.com/security/talos/cryptolocker-4-white-paper https://twitter.com/cyb3rops/status/727103224344367104 https://t.co/97pRrWIcl5 http://maltego.blogspot.com/2016/05/network-footing-printing-with-maltego.html https://twitter.com/cyb3rops/status/727059409457844224 https://twitter.com/cyb3rops/status/726905953493368832 https://t.co/DaQ405aqQS https://github.com/trivago/gollum/blob/master/README.md 
https://twitter.com/cyb3rops/status/726665351019290624 https://t.co/IsFd99rG7s http://seclist.us/mimikatz-v2-1-alpha-20160501-oe-eo-edition-a-little-tool-to-play-with-windows-security.html https://twitter.com/cyb3rops/status/726540123685441538 https://t.co/kK8xUqzOKG https://t.co/s2YQuJMBhc https://4sysops.com/archives/evaluating-nano-server-in-windows-server-2016-tp4/ https://twitter.com/jsnover/status/726442751370231808 https://twitter.com/cyb3rops/status/726538577883062272 https://t.co/t9QjABpbSy https://github.com/rapid7/metasploit-framework/pull/6801 https://twitter.com/cyb3rops/status/726497258313777153 https://t.co/XZaccj2HtR https://github.com/Neo23x0/Loki/pull/42 https://twitter.com/cyb3rops/status/726307523163205632 https://t.co/a7vGoNUEbX https://www.coati.io https://twitter.com/cyb3rops/status/726305227222212608 https://t.co/vE04CZylk9 http://seclist.us/owasp-vbscan-v0-1-6-is-a-black-box-vbulletin-vulnerability-scanner.html https://twitter.com/cyb3rops/status/726195647796367360 https://t.co/BsvZCqrgu0 https://community.rapid7.com/community/insightidr/blog/2016/04/29/detect-corporate-identity-theft-with-a-new-intruder-trap-honey-credentials https://twitter.com/cyb3rops/status/726194489891688449 https://t.co/0zpMcTJB4Z http://seclist.us/protein-powershell-anti-ransomware.html https://twitter.com/cyb3rops/status/726193317462069248 https://twitter.com/cyb3rops/status/726021897037697024 https://t.co/Jt6r9dkIIL http://www.contextis.com/resources/blog/rdp-replay-code-release/ https://twitter.com/cyb3rops/status/725982986311704576 https://t.co/iJYJi7oVax http://blog.virustotal.com/2013/04/virustotal-pcap-analyzer.html https://twitter.com/cyb3rops/status/725948007527538688 https://t.co/25mlctQ1WS https://web.archive.org/web/20160412151623/https://technet.microsoft.com/en-us/sysinternals/sysmon https://twitter.com/cyb3rops/status/725943240336101377 https://t.co/0SounBKPRh 
https://blogs.technet.microsoft.com/sysinternals/2016/04/28/update-sysmon-v4-procdump-v8-sigcheck-v2-51/ https://twitter.com/cyb3rops/status/725943006583361536 https://t.co/Uv8vXKeWx7 http://blog.trendmicro.com/trendlabs-security-intelligence/locky-ransomware-spreads-flash-windows-kernel-exploits/ https://twitter.com/cyb3rops/status/725942793785335808 https://t.co/eu731NARgh http://seclist.us/rspet-v0-0-5-reverse-shell-and-post-exploitation-tool.html https://twitter.com/cyb3rops/status/725760979917746177 https://t.co/daqQQwFXdD https://twitter.com/josephfcox/status/725755977916661762 https://twitter.com/cyb3rops/status/725746760577126404 https://twitter.com/cyb3rops/status/725696170677383168 https://twitter.com/cyb3rops/status/725613382938845185 https://twitter.com/cyb3rops/status/725572773624582145 https://t.co/dOZHx7gsMv http://seclist.us/backdoorgolang-is-a-backdoor-with-golang-cross-platform.html https://twitter.com/cyb3rops/status/725572291761963009 https://t.co/cuIkevGRvK http://seclist.us/nishang-v0-6-5-powershell-for-penetration-testing-and-offensive-security.html https://twitter.com/cyb3rops/status/725421162814148608 https://t.co/X0lAX0O1RF http://www.economyofmechanism.com/office365-authbypass.html https://twitter.com/cyb3rops/status/725411492099690497 https://t.co/n0Zp4PTR7I http://arstechnica.com/security/2016/04/german-nuclear-plants-fuel-rod-system-swarming-with-old-malware/ https://twitter.com/cyb3rops/status/725409750519808000 https://t.co/cU8NaYDOvh https://blogs.mcafee.com/mcafee-labs/cve-2016-0018-dll-planting-leads-to-a-remote-code-execution-vulnerability/ https://twitter.com/cyb3rops/status/725354167506706434 https://twitter.com/cyb3rops/status/725210860604547072 https://t.co/l0nr1PFBEy https://blogs.technet.microsoft.com/mmpc/2016/04/26/digging-deep-for-platinum/ https://twitter.com/cyb3rops/status/725090882010140673 https://twitter.com/cyb3rops/status/725077271543963649 https://t.co/q7GhzFJPwu 
https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml# https://twitter.com/cyb3rops/status/725059976247533568 https://twitter.com/cyb3rops/status/725056716023422976 https://t.co/ec7rDxW7IK https://blogs.mcafee.com/mcafee-labs/macro-malware-employs-advanced-obfuscation-to-avoid-detection/ https://twitter.com/cyb3rops/status/725005975447547905 https://t.co/2QGcjkzgl0 http://resources.infosecinstitute.com/snort-lab-activate-dynamic-rules/ https://twitter.com/cyb3rops/status/725005539583877120 https://t.co/jttKzmMak0 http://www.fireeye.com/blog/threat-research/2016/04/rumms-android-malware.html https://twitter.com/cyb3rops/status/725004877127110656 https://t.co/bOgq1FoSbm http://blog.checkpoint.com/2016/04/26/how-ransomware-and-malware-use-microsoft-windows-known-binaries/ https://twitter.com/cyb3rops/status/724880859153752064 https://t.co/s6gUErqBig https://www.virustotal.com/en/file/abd883dd4c3ae03c4c9034e6539adc08c72f0f131e4b8912871489d0b81f423f/analysis/ https://twitter.com/cyb3rops/status/724874106689196033 https://t.co/ddumZpeCAu https://github.com/Neo23x0/signature-base/blob/master/yara/gen_regsrv32_issue.yar https://twitter.com/cyb3rops/status/724702053185032193 https://t.co/XSZlG9BmSO https://t.co/IoWvTVWhZi https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml https://twitter.com/dimitribest/status/724653706160029701 https://twitter.com/cyb3rops/status/724550308786016261 https://t.co/5pXv7XJQcV https://www.helpnetsecurity.com/2016/04/25/critical-flaws-hp-data-protector/ https://twitter.com/cyb3rops/status/724549866534363137 https://t.co/nWJd1T7QNl http://blog.trendmicro.com/trendlabs-security-intelligence/new-fareit-strain-delivered-abusing-powershell/ https://twitter.com/cyb3rops/status/724549023810609152 https://t.co/Vd4dQCDoHx https://github.com/graphitemaster/moreram/blob/master/README.md https://twitter.com/cyb3rops/status/724483594232709120 https://t.co/hwYeyvwyVQ 
http://seclist.us/routersploit-v2-0-0-router-exploitation-framework.html https://twitter.com/cyb3rops/status/724375114159149056 https://t.co/8MezRovP8x https://github.com/Yelp/elastalert/blob/master/README.md https://twitter.com/cyb3rops/status/724285450572169216 https://t.co/Zd2axuHw1P https://adsecurity.org/?p=2843 https://twitter.com/cyb3rops/status/724284777017298944 https://t.co/xHK9IEDYGD https://cyberarms.wordpress.com/2016/04/24/shodan-search-reveals-open-cloud-control-panels/ https://twitter.com/cyb3rops/status/724225038765965312 https://t.co/ZYC9Z2nQBh https://glot.io/ https://twitter.com/cyb3rops/status/723943670215499776 https://t.co/0pgdkhQAVn http://securitylogsanalysis.blogspot.de/2016/04/analysis-of-endpoint-logs-with-splunk.html https://twitter.com/cyb3rops/status/723784500732370944 https://t.co/VgKch7NAhd https://t.co/mCZT9cU9Rg http://www.alexkras.com/getting-started-with-git/ https://try.github.io/levels/1/challenges/1 https://twitter.com/cyb3rops/status/723653558822948868 https://t.co/GOPE3kZTld https://github.com/Pwdrkeg/honeyport https://twitter.com/cyb3rops/status/723621033287229444 https://t.co/Sb69iod2jf http://www.brimorlabsblog.com/2016/04/very-quick-blog-post-on-squiblydoo.html https://twitter.com/cyb3rops/status/723578976808120320 https://t.co/ku05BbIucT https://t.co/Ysqf8e0LEg https://github.com/Neo23x0/signature-base/blob/master/yara/apt_nanocore_rat.yar https://www.virustotal.com/en/file/70cd63cbb033bf973b92e603c3c383875ce9efa220dd831af9661db2ea21101c/analysis/ https://twitter.com/cyb3rops/status/723488440512307200 https://t.co/exmmrlKhWg https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/ https://twitter.com/cyb3rops/status/723471317132038144 https://t.co/kG7xnTBgWH https://github.com/RUB-NDS/TLS-Attacker https://twitter.com/cyb3rops/status/723470459237470208 https://t.co/9MWBSAgmxH https://nakedsecurity.sophos.com/2016/04/22/anonymous-launches-onionirc-a-school-for-hacktivists-on-the-dark-web/ 
https://twitter.com/cyb3rops/status/723395000113885188 https://t.co/ltypzSr0k8 http://researchcenter.paloaltonetworks.com/2016/04/unit42-new-poison-ivy-rat-variant-targets-hong-kong-pro-democracy-activists/ https://twitter.com/cyb3rops/status/723194996040601600 https://t.co/wJNAuVrRbg https://threatpost.com/new-mit-scanner-finds-web-app-flaws-in-a-minute/117482/ https://twitter.com/cyb3rops/status/723191941802954752 https://t.co/vdlpw7jegi http://blog.trendmicro.com/trendlabs-security-intelligence/looking-into-a-cyber-attack-facilitator-in-the-netherlands/ https://twitter.com/cyb3rops/status/723171473083473920 https://t.co/V09pdiQjjZ http://karriere.fraport.de/recruso/onbw?navigItem=fraport&action=showjob&jobID=5269&site=&language=# https://twitter.com/cyb3rops/status/723049459173736448 https://twitter.com/cyb3rops/status/723039035430719488 https://t.co/UW789YQ2UM https://github.com/ztgrace/changeme https://twitter.com/cyb3rops/status/722873566409191424 https://t.co/oNbWdhne2r https://blog.anomali.com/targeted-ransomware-activity https://twitter.com/cyb3rops/status/722872072687521792 https://t.co/ESWeIDspIE https://community.rapid7.com/community/infosec/blog/2016/04/20/using-the-national-vunerability-database-to-reveal-vulnerability-trends-over-time https://twitter.com/cyb3rops/status/722838857151066112 https://t.co/VftU5QaNjt http://blogs.cisco.com/security/talos/threat-spotlight-exploit-kit-goes-international-hits-150-countries https://twitter.com/cyb3rops/status/722801945409363968 https://t.co/XCQz5pNLw0 https://reaqta.com/2016/04/nemucod-meets-7zip-to-launch-ransomware/ https://twitter.com/cyb3rops/status/722798096867061760 https://t.co/azr5sXU5A4 http://maltego.blogspot.com/2016/04/abracadabra-its-shodan-time.html https://twitter.com/cyb3rops/status/722712682583953408 https://t.co/hGWR2f5Td6 https://id-ransomware.malwarehunterteam.com/ https://twitter.com/cyb3rops/status/722712246263132160 https://twitter.com/cyb3rops/status/722709399316402176 
https://t.co/XSZlG9BmSO https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml https://twitter.com/cyb3rops/status/722556102332846082 https://t.co/JNCsUItD3y http://seclist.us/east-v0-9-13-exploits-and-security-tools-framework.html https://twitter.com/cyb3rops/status/722519735531937792 https://twitter.com/cyb3rops/status/722517621611085824 https://twitter.com/cyb3rops/status/722512495194324996 https://twitter.com/cyb3rops/status/722511705566220288 https://twitter.com/cyb3rops/status/722511405312815104 https://twitter.com/cyb3rops/status/722506184557772800 https://twitter.com/cyb3rops/status/722498242303422467 https://twitter.com/cyb3rops/status/722496679132459009 https://twitter.com/cyb3rops/status/722486500647124993 https://twitter.com/cyb3rops/status/722486153413337088 https://twitter.com/cyb3rops/status/722485483503267842 https://twitter.com/cyb3rops/status/722481133422800896 https://twitter.com/cyb3rops/status/722470108422127618 https://twitter.com/cyb3rops/status/722464785925873665 https://t.co/wGosgPv4CN https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/ https://twitter.com/cyb3rops/status/722459544190906368 https://twitter.com/cyb3rops/status/722415310373023744 https://t.co/PJWhGScnMH https://twitter.com/nyxbone/status/715675420159508480 https://twitter.com/cyb3rops/status/722411874340446209 https://t.co/NqPzzuqZKu https://www.fireeye.com/blog/threat-research/2016/04/multigrain_pointo.html https://twitter.com/cyb3rops/status/722386023062355968 https://t.co/F53XaCAKuN https://github.com/pan-unit42/iocs/issues/1 https://twitter.com/cyb3rops/status/722364145744625664 https://t.co/2sDy37u60a http://researchcenter.paloaltonetworks.com/2016/04/unit42-python-based-pwobot-targets-european-organizations/ https://twitter.com/cyb3rops/status/722179840875454464 https://t.co/kbjoVWx06M http://securityblog.gr/3355/dalvik-dex-format-assembler-and-disassembler/ 
https://twitter.com/cyb3rops/status/722179424892928000 https://t.co/teDnCLaSvf https://security.googleblog.com/2016/04/helping-webmasters-re-secure-their-sites.html https://twitter.com/cyb3rops/status/722053419620556806 https://t.co/aXWSmhwG5w https://citizenlab.org/2016/04/between-hong-kong-and-burma/ https://twitter.com/cyb3rops/status/722049953380638722 https://t.co/HjKyJ8NRDv https://www.arbornetworks.com/blog/asert/four-element-sword-engagement/ https://twitter.com/cyb3rops/status/722008529259900930 https://t.co/xRZzCyEYVh https://stackoverflow.com/questions/9066609/fastest-possible-grep https://twitter.com/cyb3rops/status/721987087659048961 https://t.co/QTzwuSzfp6 http://www.tuxad.de/blog/archives/2010/09/17/gnu_grep_speed_comparison_fixed_strings/ https://twitter.com/cyb3rops/status/721622684493357056 https://t.co/wQW8biDKdn http://seclist.us/luamalwaretoolkit-is-a-toolkit-to-assemble-viruses-for-penetration-testing-on-various-platforms.html https://twitter.com/cyb3rops/status/721622173568352257 https://t.co/9LKe0sxAPR https://github.com/ngalongc/AutoLocalPrivilegeEscalation https://twitter.com/cyb3rops/status/721441385052835840 https://t.co/EY6mwhxJrG https://github.com/larsbrinkhoff/awesome-cpus https://twitter.com/cyb3rops/status/721349353164697600 https://t.co/btcXD4K8Tq https://code.visualstudio.com/blogs https://twitter.com/cyb3rops/status/721328316385468416 https://t.co/b25mBTu5zg https://hacked.com/microsoft-sues-u-s-government-customer-privacy/ https://twitter.com/cyb3rops/status/721127932282974208 https://t.co/I5kToHyNax http://www.fireeye.com/blog/threat-research/2016/04/cve-2016-1019_a_new.html https://twitter.com/cyb3rops/status/721101092042448897 https://t.co/534nUT4Ha7 http://gifox.io/ https://twitter.com/cyb3rops/status/721086862836805632 https://t.co/LFAEm9smrB http://wttr.in/frankfurt https://twitter.com/cyb3rops/status/721018223387348992 https://t.co/MVvsikFj2M http://blog.talosintel.com/2016/04/jboss-backdoor.html?m=1 
https://twitter.com/cyb3rops/status/720931440746217476 https://t.co/wxwQhaHEMZ https://www.bsk-consulting.de/2016/04/15/how-to-write-simple-but-sound-yara-rules-part-3/ https://twitter.com/cyb3rops/status/720851552039088128 https://t.co/pWkOxV3bWR https://blogs.mcafee.com/mcafee-labs/cve-2016-0153-typo-leads-microsoft-ole-patch/ https://twitter.com/cyb3rops/status/720851387823693826 https://t.co/9VgwVWPxiL http://arstechnica.com/security/2016/04/apple-stops-patching-quicktime-for-windows-despite-2-active-vulnerabilities/ https://twitter.com/cyb3rops/status/720747298716782592 https://t.co/rBYKsBQVtq http://www.scmagazine.com/swedens-airspace-shut-down-by-russian-apt-not-a-solar-storm/article/489572/ https://twitter.com/cyb3rops/status/720611886975344640 https://t.co/e1UGwb2mtu https://securityintelligence.com/got-wordpress-php-c99-webshell-attacks-increasing/ https://twitter.com/cyb3rops/status/720582878753632256 https://t.co/885TB4forK https://www.blueliv.com/corporate/here-is-the-blueliv-threat-exchange-network/ https://twitter.com/cyb3rops/status/720480419163058176 https://t.co/AEvbTrXoMs https://github.com/PalmerAL/min/ https://twitter.com/cyb3rops/status/720479591249391617 https://t.co/dWUpbGgenS http://www.hecfblog.com/2016/04/daily-blog-373-automating-dfir-with.html?m=1 https://twitter.com/cyb3rops/status/720254713099378688 https://twitter.com/cyb3rops/status/720127009968545792 https://t.co/Ce4MxOvd2a https://techanarchy.net/2016/04/volutility-a-web-front-end-for-the-volatility-framework/ https://twitter.com/cyb3rops/status/720126832893419520 https://t.co/Zya1Axgkcj http://www.hecfblog.com/2016/04/daily-blog-372-automating-dfir-with.html?m=1 https://twitter.com/cyb3rops/status/720022206894485504 https://t.co/TDP896AEiF https://t.co/ViC00YO2Jh https://github.com/Neo23x0/signature-base/blob/master/yara/gen_rtf_anti_analysis.yar http://pastebin.com/AZR09vj2 https://twitter.com/cyb3rops/status/719972055823880194 https://t.co/gETCcmHqMa 
https://community.rapid7.com/community/infosec/blog/2016/04/12/on-badlock-cve-2016-2118-for-samba-and-windows https://twitter.com/cyb3rops/status/719905140631801856 https://t.co/Rin1xUfxAY http://phishme.com/rockloader-new-upatre-like-downloader-pushed-dridex-downloads-malwares/ https://twitter.com/cyb3rops/status/719905054082342917 https://t.co/tnmnW8xn7b http://codewhitesec.blogspot.com/2016/04/infiltrate16-slidedeck-java-deserialization.html https://twitter.com/cyb3rops/status/719840493769777152 https://t.co/FqOLYa3E4B https://github.com/snare/voltron https://twitter.com/cyb3rops/status/719773194798960640 https://twitter.com/cyb3rops/status/719664712284315648 https://t.co/uBrfD7LctF http://blog.checkpoint.com/2016/04/11/new-locky-variant-implements-evasion-techniques/ https://twitter.com/cyb3rops/status/719664196871393281 https://t.co/GxqflGo0wl https://github.com/ant4g0nist/lisa.py/blob/master/README.md https://twitter.com/cyb3rops/status/719565166875123713 https://t.co/aZU0CvUaBi https://blog.gdatasoftware.com/2016/04/28234-manamecrypt-a-ransomware-that-takes-a-different-route https://twitter.com/cyb3rops/status/719552242072829953 https://t.co/ufxGc3iK1f http://blog.talosintel.com/2016/04/ransomware.html https://twitter.com/cyb3rops/status/719551506656149506 https://t.co/h7Cyn82VeY https://blog.netspi.com/maintaining-persistence-via-sql-server-part-2-triggers/ https://twitter.com/cyb3rops/status/719507380652875777 https://t.co/e0CptmTcPd http://blog.trendmicro.com/trendlabs-security-intelligence/mobile-devices-used-to-execute-dns-malware-against-home-routers/ https://twitter.com/cyb3rops/status/719477454298071041 https://t.co/91VGjXxNfI https://twitter.com/veorq/status/719477096809177089 https://twitter.com/cyb3rops/status/719445655400419328 https://t.co/5Jdt80UfHR https://twitter.com/SarahJamieLewis/status/718968965746311168 https://twitter.com/cyb3rops/status/719434352397049856 https://t.co/1h4VWQKTOV https://technet.microsoft.com/en-us/dn785092.aspx 
https://twitter.com/cyb3rops/status/719160270451511296 https://twitter.com/cyb3rops/status/719159818712453120 https://twitter.com/cyb3rops/status/718940971157884931 https://t.co/uVubSu0Xdf http://holisticinfosec.blogspot.com/2016/04/toolsmith-115-volatility-acuity-with.html https://twitter.com/cyb3rops/status/718805775364276224 https://t.co/uNkH6YbtBv https://github.com/Neo23x0/signature-base/blob/master/yara/apt_apt6_malware.yar https://twitter.com/cyb3rops/status/718682356043882498 https://t.co/IzMVoOI88w https://github.com/gabrielrcouto/php-gui https://twitter.com/cyb3rops/status/718582818608123904 https://t.co/O8uCRpFPa7 https://www.praetorian.com/blog/gladius-automatic-responder-cracking https://twitter.com/cyb3rops/status/718581515509219328 https://t.co/VR10gT3y8V http://blog.talosintel.com/2016/04/nuclear-tor.html https://twitter.com/cyb3rops/status/718543183769112576 https://t.co/kLvSHbe23g http://www.reddit.com/r/Malware/comments/4dy2dx/samas_ransomware_help/ https://twitter.com/cyb3rops/status/718485273106083840 https://t.co/YDYCeIru5G http://blog.trendmicro.com/trendlabs-security-intelligence/look-adobe-flash-player-cve-2016-1019-zero-day-vulnerability/ https://twitter.com/cyb3rops/status/718483914029985792 https://t.co/0T9Rxxh5xj http://blog.portswigger.net/2016/04/introducing-burp-projects.html https://twitter.com/cyb3rops/status/718483730764009474 https://t.co/sryEhHBXxQ https://github.com/packetzoom/logzoom https://twitter.com/cyb3rops/status/718448268443824128 https://t.co/aErB6H3U5W http://blog.hackersonlineclub.com/2016/04/ehtrace-tool-for-tracing-execution-of.html https://twitter.com/cyb3rops/status/718319016629116928 https://t.co/I5kToHyNax http://www.fireeye.com/blog/threat-research/2016/04/cve-2016-1019_a_new.html https://twitter.com/cyb3rops/status/718318926581669888 https://t.co/ri0d74FbTo http://seclist.us/v3n0mscanner-v4-0-4-a-tool-to-automate-mass-sqli-d0rk-scanner.html https://twitter.com/cyb3rops/status/718318859397308416 
https://t.co/9AuoVCQNdP http://blog.jpcert.or.jp/2016/04/php-files-in-cms-targeted-for-alteration.html https://twitter.com/cyb3rops/status/718214613658169344 https://t.co/hFWHLXO1lE http://www.hecfblog.com/2016/04/daily-blog-367-automating-dfir-with.html?m=1 https://twitter.com/cyb3rops/status/718193549234348036 https://t.co/zU0GNONsCU http://blog.talosintel.com/2016/04/adobe-0-day.html https://twitter.com/cyb3rops/status/718193468485603331 https://t.co/lAqVCSi0Yo https://technet.microsoft.com/en-us/library/security/MS13-082 https://twitter.com/cyb3rops/status/718106605598990338 https://t.co/8udIhCgJad https://securityintelligence.com/unraveling-zeus-maples-stealth-loader/ https://twitter.com/cyb3rops/status/717959179055538177 https://t.co/jMxQzCIYSh http://seclist.us/powercat-updates-a-powershell-tcpip-swiss-army-knife-that-works-with-netcat-ncat.html https://twitter.com/cyb3rops/status/717844936197017600 https://t.co/63UQrVgFdo https://twitter.com/SophosLabs/status/717792793700220929 https://twitter.com/cyb3rops/status/717831824584667136 https://t.co/SriGodEsTt https://community.rapid7.com/community/metasploit/blog/2016/04/06/securing-your-metasploit-logs https://twitter.com/cyb3rops/status/717715116578447361 https://t.co/AhLtajHrCZ http://blog.trendmicro.com/trendlabs-security-intelligence/root-cause-analysis-recent-flash-zero-day-vulnerability-cve-2016-1010/ https://twitter.com/cyb3rops/status/717714954967785472 https://t.co/xDABvzKRKY https://securelist.com/blog/research/74398/locky-the-encryptor-taking-the-world-by-storm/ https://twitter.com/cyb3rops/status/717714241625702400 https://t.co/tlPYGcVdXv https://www.helpnetsecurity.com/2016/04/06/broken-ibm-java-patch/ https://twitter.com/cyb3rops/status/717713797704781824 https://t.co/iwAwEimkyt https://github.com/amaboura/panama-papers-dataset-2016/blob/master/README.md https://twitter.com/cyb3rops/status/717624016723447808 https://t.co/WsX5VMtspW https://t.co/CllYs16QsP 
https://www.cryptolux.org/index.php/Argon2 https://twitter.com/jedisct1/status/717617004862169088 https://twitter.com/cyb3rops/status/717611579261497344 https://t.co/eEBvRhpbRE https://t.co/Fsm8pfagml https://www.virustotal.com/en/file/98806a36d2569ef74c03412d06f3f1116840c15921ab32e0b95430618c7373fb/analysis/ http://pastebin.com/0ZEWvjsC https://twitter.com/cyb3rops/status/717599398994255872 https://t.co/7YoqgfxrwB https://github.com/tsenart/vegeta https://twitter.com/cyb3rops/status/717598644178972673 https://t.co/396h79P8UC http://seclist.us/faraday-v1-0-18-collaborative-penetration-test-and-vulnerability-management-platform.html https://twitter.com/cyb3rops/status/717482646759190533 https://t.co/fOyJFLQNda http://www.harmj0y.net/blog/empire/empires-restful-api/ https://twitter.com/cyb3rops/status/717481761442283523 https://t.co/ICIst6RRQr http://arstechnica.com/security/2016/04/noscript-and-other-popular-firefox-add-ons-open-millions-to-new-attack/ https://twitter.com/cyb3rops/status/717391735878524929 https://t.co/Q53ef1oWwa http://community.hpe.com/t5/Security-Research/Subtle-shift-in-Microsoft-s-patching-policy-could-have-wide/ba-p/6847725 https://twitter.com/cyb3rops/status/717365716731695104 https://t.co/gpvBponDDC https://github.com/kevthehermit/RATDecoders https://twitter.com/cyb3rops/status/717356590471503872 https://t.co/pt6Rid6ns1 http://resources.infosecinstitute.com/snort-tracking-exploit-progress-with-flowbits/ https://twitter.com/cyb3rops/status/717356276188057600 https://t.co/fxJdgYejSB http://windowsir.blogspot.com/2016/04/windows-registry-forensics-2e.html https://twitter.com/cyb3rops/status/717266028783411200 https://t.co/aWOiWAenT4 https://jon.glass/deals_with_rogue_users/ https://twitter.com/cyb3rops/status/717240001679982592 https://t.co/UPPYVr2JR9 https://twitter.com/infosectactico/status/717200333450186757 https://twitter.com/cyb3rops/status/717059593105498112 https://t.co/70zqZ4G9tC 
http://blog.checkpoint.com/2016/04/04/new-locky-ransomware-variant-implementing-changes-in-communication-patterns/ https://twitter.com/cyb3rops/status/717032825761955840 https://t.co/CxUAIaTei3 https://blog.hboeck.de/archives/880-Pwncloud-bad-crypto-in-the-Owncloud-encryption-module.html https://twitter.com/cyb3rops/status/717032602641809408 https://t.co/Eo3Y6NKeaE http://www.toolswatch.org/2016/04/shellsploit-new-generation-exploit-development-kit/ https://twitter.com/cyb3rops/status/717032551525793792 https://t.co/35llUfcIFZ http://www.toolswatch.org/2016/04/autonessus-python-script-to-communicate-with-nessus-api/ https://twitter.com/cyb3rops/status/717031868823117825 https://t.co/uOJCuIvaNY https://blogs.technet.microsoft.com/jepayne/2016/04/04/when-the-manual-is-not-enough-runas-netonly-unexpected-credential-exposure-and-the-need-for-reality-based-holistic-threat-models/ https://twitter.com/cyb3rops/status/716991282900574209 https://t.co/rSWCAVQAcZ https://t.co/VWC72aLN9v https://www.virustotal.com/en/file/a50330d42865111585a353918f29b3c8379ef664beb27cfd772f42937cf5d8dc/analysis/ https://www.virustotal.com/en/file/3e7a12bf7863b492974b709b9732d40e95a79c81e71ca0072284d61efce9cf87/analysis/ https://twitter.com/cyb3rops/status/716941046123511808 https://t.co/9cyqWfx08a https://t.co/Z4UJEirftn https://www.virustotal.com/en/file/101fbd424c55379e65aeb8f26617c474dec05247ca00da5aa17a349f751d3438/analysis/ https://www.hybrid-analysis.com/sample/101fbd424c55379e65aeb8f26617c474dec05247ca00da5aa17a349f751d3438?environmentId=4 https://twitter.com/cyb3rops/status/716879813227708416 https://t.co/ga4a1UUUhE https://twitter.com/rotlogix/status/716253653049315329 https://twitter.com/cyb3rops/status/716660873159421953 https://t.co/KxYeGenUdV https://github.com/iovisor/bcc https://twitter.com/cyb3rops/status/716396880834465793 https://t.co/LKcCHB0BOf http://seclist.us/whatspwn-linux-tool-used-to-extract-sensitive-data-inject-backdoor-or-drop-remote-shells-on-android-devices.html 
https://twitter.com/cyb3rops/status/716337849046540288 https://t.co/gL70kB3SZn https://blog.malwarebytes.org/threat-analysis/exploits-threat-analysis/2016/04/magnitude-ek-malvertising-campaign-adds-fingerprinting-gate/ https://twitter.com/cyb3rops/status/716159799726055424 https://t.co/fHxnj6agik https://www.trustwave.com/Resources/SpiderLabs-Blog/Intercepting-SSL-And-HTTPS-Traffic-With-mitmproxy-and-SSLsplit/ https://twitter.com/cyb3rops/status/716159663750905856 https://t.co/72vY0t6Elm http://seclist.us/darkobserver-updates-windows-powershell-domain-scanning-tool.html https://twitter.com/cyb3rops/status/716035584754630656 https://t.co/qoGnFXDbZ0 http://www.darknet.org.uk/2016/04/responder-llmnr-mdns-nbt-ns-poisoner/ https://twitter.com/cyb3rops/status/715977718991597569 https://t.co/UsRxxMIlcP http://blog.hackersonlineclub.com/2016/04/shocker-tool-to-find-and-exploit.html https://twitter.com/cyb3rops/status/715942497063559169 https://twitter.com/cyb3rops/status/715940921896996866 https://t.co/7l6UNxi6XL https://labs.mwrinfosecurity.com/blog/persistence-architecture-matters/ https://twitter.com/cyb3rops/status/715928179249176576 https://t.co/IaZpikwZI2 https://t.co/AuTwRzsmqU https://t.co/uSRQpKikmt https://www.virustotal.com/en/file/5187f1430f63cf25741f543b59f331fbc5cc049268ca3e5d344a007ca07d1179/analysis/ https://www.hybrid-analysis.com/sample/5187f1430f63cf25741f543b59f331fbc5cc049268ca3e5d344a007ca07d1179?environmentId=1 https://otx.alienvault.com/indicator/domain/drivres-update.info/ https://twitter.com/cyb3rops/status/715819228977299456 https://t.co/XuIuHzRuGt https://www.virustotal.com/en/file/8b2bce5ca2333a90000390c189b8f1019ce3732efad50f5b9661a44ffa06985e/analysis/ https://twitter.com/cyb3rops/status/715783343187558401 https://t.co/mVdqJgOQth http://seclist.us/empire-v1-5-powershell-post-exploitation-agent.html https://twitter.com/cyb3rops/status/715782702432133120 https://t.co/egLv4j5ocV 
http://seclist.us/rooty-updates-libpcap-based-icmp-encrypted-backdoor-for-linux.html https://twitter.com/cyb3rops/status/715570798732378113 https://t.co/yDHkSeFKjD https://blog.gdatasoftware.com/2016/03/28226-ransomware-petya-a-technical-review https://twitter.com/cyb3rops/status/715570195834806272 https://t.co/TwYOoKS0Ua https://www.insinuator.net/2016/03/i-have-the-powerview-offensive-active-directory-with-powershell/ https://twitter.com/cyb3rops/status/715525430418255876 https://t.co/yBtUSjvA7m https://www.insinuator.net/2016/03/mind-the-gap-exploit-free-whitelisting-evasion-tactics/ https://twitter.com/cyb3rops/status/715440897702436864 https://t.co/nbGxW7RVZi http://seclist.us/eli-decode-is-a-tool-to-decode-obfuscated-shellcodes-using-the-unicorn-engine.html https://twitter.com/cyb3rops/status/715440680793976833 https://t.co/897GxftUmu https://blog.malwarebytes.org/threat-analysis/exploits-threat-analysis/2016/03/top-exploit-kits-round-up-march-edition/ https://twitter.com/cyb3rops/status/715312995568644096 https://t.co/Rwa31AMGyZ https://www.recordedfuture.com/madness-bot-evaluation/ https://twitter.com/cyb3rops/status/715262317211099136 https://t.co/MMODdQa29p http://www.theverge.com/2016/3/30/11331014/microsoft-windows-linux-ubuntu-bash https://twitter.com/cyb3rops/status/715135519680831488 https://t.co/v1Be8fJ8IV https://blog.malwarebytes.org/security-threat/2016/03/fileless-infections-an-overview/ https://twitter.com/cyb3rops/status/715105708820328448 https://t.co/GSF8wPMCos https://github.com/joaomatosf/jexboss https://twitter.com/cyb3rops/status/714939923539824641 https://t.co/33WmGkSA2B http://www.crowdstrike.com/blog/reconnaissance-detection-blue-team/ https://twitter.com/cyb3rops/status/714939555439316992 https://t.co/lpoCkTdStq http://malwaremusings.com/2016/03/30/analysing-cryptolocker-with-unpack-py-the-unpacked-payload-part-2 https://twitter.com/cyb3rops/status/714939400766038016 https://t.co/FYsVdlETxj 
http://blog.erratasec.com/2016/03/how-to-detect-truecrypt-blobs-being.html https://twitter.com/cyb3rops/status/714939234851954689 https://t.co/KH16U6RH7U http://seclist.us/rspet-v0-0-4-reverse-shell-and-post-exploitation-tool.html https://twitter.com/cyb3rops/status/714874181142315009 https://t.co/iCrREPldnL http://securityaffairs.co/wordpress/45765/malware/bitdefender-anti-ransomware-vaccine.html https://twitter.com/cyb3rops/status/714869297269633024 https://t.co/iZ8b6v5cAZ https://blog.startpage.com/our-latest-developments/ghacks-ixquick-merges-with-startpage-search-engine/ https://twitter.com/cyb3rops/status/714842517339049985 https://t.co/zH385YFMrq http://resources.infosecinstitute.com/snort-network-recon-techniques/ https://twitter.com/cyb3rops/status/714793188175818752 https://t.co/RSy39PP9gI https://github.com/littlebee/git-time-machine https://twitter.com/cyb3rops/status/714768903688290304 https://t.co/jloTXVI0zO https://t.co/yKToZAK6DY http://www.infoworld.com/article/3048526/security/nodejs-alert-google-engineer-finds-flaw-in-npm-scripts.html https://www.kb.cert.org/CERT_WEB/services/vul-notes.nsf/6eacfaeab94596f5852569290066a50b/018dbb99def6980185257f820013f175/$FILE/npmwormdisclosure.pdf https://twitter.com/cyb3rops/status/714758908221530112 https://t.co/0Ec872rvNh http://blog.hackersonlineclub.com/2016/03/redox-unix-like-operating-system-design.html https://twitter.com/cyb3rops/status/714748728310120448 https://t.co/cBebKpDfbQ https://t.co/Y9boaN1Epr https://scotthelme.co.uk/getting-an-a-on-the-qualys-ssl-test-windows-edition/ https://www.nartac.com/Products/IISCrypto https://twitter.com/cyb3rops/status/714725335976296448 https://t.co/GL0V1IUrax http://threatcrowd.blogspot.co.uk/2016/03/clustering-threat-landscape.html https://twitter.com/cyb3rops/status/714724567424569345 https://t.co/1sTcMuKZnI http://www.darknet.org.uk/2016/03/tempracer-windows-privilege-escalation-tool/ https://twitter.com/cyb3rops/status/714724468061564928 https://t.co/udNyJDM68h 
https://www.insinuator.net/2016/03/attacking-next-generation-firewalls/ https://twitter.com/cyb3rops/status/714723996030406656 https://t.co/olv4IKi8Ky http://resources.infosecinstitute.com/bulk_extractor-b_e-forensic-lab/ https://twitter.com/cyb3rops/status/714721518140436480 https://t.co/XpW1tXjZ53 http://seclist.us/ssl-audit-a-very-fast-network-scanner-of-ssl-server-configurations.html https://twitter.com/cyb3rops/status/714714897825849344 https://t.co/tG7ZDRTJDN https://t.co/bItHpaKhbi https://www.virustotal.com/en/file/bd57616936f453d706e733076fa8a048d1f5119089cabfbbd1906830eab084e0/analysis/1459235355/ https://www.virustotal.com/en/file/34c929276d0376ba07bfaae1893c4a1211a50d2b766837dcc2fd292cd25b6284/analysis/1459235625/ https://twitter.com/cyb3rops/status/714714137708863488 https://twitter.com/cyb3rops/status/714709831450562560 https://twitter.com/cyb3rops/status/714500959221772289 https://t.co/OwBro6QB94 https://t.co/ZzSHfOicSH https://www.virustotal.com/en/file/34c929276d0376ba07bfaae1893c4a1211a50d2b766837dcc2fd292cd25b6284/analysis/ http://pastebin.com/FNruff4p https://twitter.com/cyb3rops/status/714245398882291713 https://t.co/EovBI6RGNI https://twitter.com/objective_see/status/714178059230793728 https://twitter.com/cyb3rops/status/714243889461334016 https://t.co/PWHPQEND8a http://seclist.us/penbox-v1-3-a-penetration-testing-framework.html https://twitter.com/cyb3rops/status/714243780573003777 https://t.co/9WuU6ddCuF https://security.googleblog.com/2016/03/more-encryption-more-notifications-more.html?m=1 https://twitter.com/cyb3rops/status/714243472040009728 https://t.co/9u4ZX8dcmW http://seclist.us/osueta-a-simple-python-script-to-exploit-the-openssh-user-enumeration-timing-attack.html https://twitter.com/cyb3rops/status/714111382346735616 https://t.co/NhGporVI4A http://ionescu007.github.io/SimpleVisor/ https://twitter.com/cyb3rops/status/714033901811994624 https://t.co/UcUgRR5vuv 
http://seclist.us/pwncloud-is-a-proof-of-concept-to-backdoor-files-from-owncloud-encryption-module.html https://twitter.com/cyb3rops/status/713714236380282880 https://t.co/8iH6NBleZI http://seclist.us/weeman-v1-7-scratch-http-server-for-phishing.html https://twitter.com/cyb3rops/status/713534346007875584 https://t.co/anFgOXd2Fg http://researchcenter.paloaltonetworks.com/2016/03/unit42-projectm-link-found-between-pakistani-actor-and-operation-transparent-tribe/ https://twitter.com/cyb3rops/status/713534078709075968 https://t.co/Etf30Ba4Mg http://seclist.us/metaphor-stagefright-with-aslr-bypass.html https://twitter.com/cyb3rops/status/713533927852531712 https://t.co/MeAcJCq4Pi http://seclist.us/htcap-is-a-web-app-scanner-single-page-application-spa-in-a-recursive-manner-by-intercepting-ajax-calls-dom-changes.html https://twitter.com/cyb3rops/status/713449318389260288 https://t.co/NU9HaQpgne https://devspace.io https://twitter.com/cyb3rops/status/713405876464394240 https://t.co/a9APL1qQtv http://www.fireeye.com/blog/threat-research/2016/03/surge_in_spam_campai.html https://twitter.com/cyb3rops/status/713367570942918656 https://t.co/VYIR6Cs2FK http://blog.trendmicro.com/trendlabs-security-intelligence/petya-crypto-ransomware-overwrites-mbr-lock-users-computers/ https://twitter.com/cyb3rops/status/713367487467937792 https://t.co/ff451eh7LY http://seclist.us/odat-v2-2-oracle-database-attacking-tool.html https://twitter.com/cyb3rops/status/713316923874914304 https://t.co/Tl2icLFSr2 https://www.virustotal.com/en/file/b521767f67630b74e2272ee953295ef56c8b6428da75afa5bbfb05b72b34c69d/analysis/ https://twitter.com/cyb3rops/status/713297521104306176 https://t.co/PM6Vqh5XQI https://blogs.mcafee.com/mcafee-labs/malware-employs-powershell-to-infect-systems/ https://twitter.com/cyb3rops/status/713297357463502848 https://t.co/ex8zZFjNdH http://seclist.us/atscan-v7-0-stable-perl-script-for-vulnerable-server-site-and-dork-scanner.html 
https://twitter.com/cyb3rops/status/713280256740880384 https://t.co/NBJEJLE04G https://t.co/u9h1MrlBEg http://gravitational.com/teleport/ http://youtu.be/bprRpX-4R_0 https://twitter.com/cyb3rops/status/713150563165282304 https://t.co/28chTzavQJ http://www.crowdstrike.com/blog/using-os-x-fsevents-discover-deleted-malicious-artifact/ https://twitter.com/cyb3rops/status/713100022959759361 https://t.co/8XmrocvR9H http://www.ehacking.net/2016/03/oracle-releases-patch-to-fixed-highly.html https://twitter.com/cyb3rops/status/713099721892605952 https://t.co/uOp5H8qqAX https://blog.gdatasoftware.com/2016/03/28213-ransomware-petya-encrypts-hard-drives https://twitter.com/cyb3rops/status/713099425934090240 https://t.co/vEuzE2CPyp https://blog.malwarebytes.org/intelligence/2016/03/maktub-locker-beautiful-and-dangerous/ https://twitter.com/cyb3rops/status/713061275987795968 https://t.co/tYuuLNR6ew https://www.virustotal.com/en/file/9feda3752a98aec53b8e1aa8ca7416e84fe01954b2b40404fa925b7e099d733e/analysis/ https://twitter.com/cyb3rops/status/713011465788243968 https://twitter.com/cyb3rops/status/713010889813856260 https://twitter.com/cyb3rops/status/713008236996243456 https://t.co/wK8TEPmJk1 https://otx.alienvault.com/pulse/56f3f6ed67db8c7e7162cdd2/ https://twitter.com/cyb3rops/status/713005763694882816 https://twitter.com/cyb3rops/status/713005256435769344 https://t.co/rb4swpcU8U http://pastebin.com/R0mYCSEC https://twitter.com/cyb3rops/status/713002875010609152 https://t.co/InRHfzpJeu https://t.co/LvXmZf2NbR https://www.virustotal.com/en/file/26b4699a7b9eeb16e76305d843d4ab05e94d43f3201436927e13b3ebafa90739/analysis/ https://www.hybrid-analysis.com/sample/26b4699a7b9eeb16e76305d843d4ab05e94d43f3201436927e13b3ebafa90739?environmentId=1 https://twitter.com/cyb3rops/status/713001169451397120 https://t.co/FUQSot73M3 http://www.heise.de/newsticker/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html https://twitter.com/cyb3rops/status/712939768414355456 
https://t.co/zz4KtQELLR https://technet.microsoft.com/en-us/library/bb332342(v=exchg.160).aspx https://twitter.com/cyb3rops/status/712757103002255361 https://t.co/tSk0fREOc2 http://arstechnica.com/security/2016/03/kentucky-hospital-hit-by-ransomware-attack/ https://twitter.com/cyb3rops/status/712756736982179841 https://t.co/jYzCfClTgy http://blog.checkpoint.com/2016/03/23/new-teslacrypt-ransomware-spikes-on-leap-day-attempting-to-catch-users-off-guard/ https://twitter.com/cyb3rops/status/712756620586041344 https://t.co/j8Z03F6BmH http://blog.talosintel.com/2016/03/samsam-ransomware.html https://twitter.com/cyb3rops/status/712630808192880640 https://twitter.com/cyb3rops/status/712630216250757120 https://t.co/fGGQYekDaE https://otx.alienvault.com/pulse/56f2978a4637f219425e02e3/ https://twitter.com/cyb3rops/status/712629006181474305 https://twitter.com/cyb3rops/status/712625602067562496 https://t.co/FMRtPDOxVH http://blog.trendmicro.com/trendlabs-security-intelligence/indian-military-personnel-targeted-by-information-theft-campaign/ https://twitter.com/cyb3rops/status/712625262991708160 https://t.co/bYYJsMY04G https://blogs.mcafee.com/mcafee-labs/w97m-downloader-serving-vawtrak/ https://twitter.com/cyb3rops/status/712625193383030785 https://t.co/MiA4igTghD https://www.trustwave.com/Resources/SpiderLabs-Blog/Every-Tool-in-the-Tool-Box/ https://twitter.com/cyb3rops/status/712624433215705088 https://t.co/csvN1QydRK http://blog.airbuscybersecurity.com/post/2016/03/FILELESS-MALWARE-%E2%80%93-A-BEHAVIOURAL-ANALYSIS-OF-KOVTER-PERSISTENCE https://twitter.com/cyb3rops/status/712622897626537984 https://twitter.com/cyb3rops/status/712603341763842052 https://twitter.com/cyb3rops/status/712353367306149888 https://t.co/FkcAP1z0GK http://blog.portswigger.net/2016/03/using-burp-suite-to-audit-and-exploit.html https://twitter.com/cyb3rops/status/712336261172875264 https://t.co/ocIJryn4Ip http://googleprojectzero.blogspot.com/2016/03/race-you-to-kernel.html 
https://twitter.com/cyb3rops/status/712202224122896384 https://t.co/Cc8TCp8KsJ https://stixproject.github.io/getting-started/sample-walkthrough/ https://twitter.com/cyb3rops/status/712181773715828737 https://t.co/luryO7kcM4 http://blog.didierstevens.com/2016/03/22/yara-rule-to-detect-vbe-scripts/ https://twitter.com/cyb3rops/status/712023231893540865 https://t.co/mEfKT7AMbM http://blog.talosintel.com/2016/03/angler-malware-word-search.html https://twitter.com/cyb3rops/status/712022978561708033 https://t.co/mimgMQnOoL http://www.darknet.org.uk/2016/03/naxsi-open-source-waf-nginx/ https://twitter.com/cyb3rops/status/711875688714932224 https://t.co/PjsbOoYA9t http://seclist.us/liffy-is-a-local-file-inclusion-exploitation-tool.html https://twitter.com/cyb3rops/status/711852650086670336 https://t.co/o5Q3Ztjiht https://t.co/mFL291Oid1 https://github.com/mandiant/ShimCacheParser/pull/4/files http://binaryforay.blogspot.de/2015/04/appcompatcache-changes-in-windows-10.html https://twitter.com/cyb3rops/status/711554291991973888 https://t.co/BfviOLbYEG http://seclist.us/payday-payload-generator-that-uses-metasploit-and-veil.html https://twitter.com/cyb3rops/status/711257649547845632 https://t.co/1BGMPPgVyO http://seclist.us/netripper-v1-0-2-smart-traffic-sniffing-for-penetration-testers.html https://twitter.com/cyb3rops/status/711161769062961152 https://t.co/0eFgWevsk1 http://security.googleblog.com/2016/03/bindiff-now-available-for-free.html https://twitter.com/cyb3rops/status/711161628679651328 https://t.co/SkRFQbxPab http://www.darknet.org.uk/2016/03/frida-dynamic-code-instrumentation-toolkit/ https://twitter.com/cyb3rops/status/711161483506356224 https://t.co/e4KmIinosw http://arstechnica.com/security/2016/03/275-million-android-phones-imperiled-by-new-code-execution-exploit/ https://twitter.com/cyb3rops/status/710867806473084928 https://t.co/PdeWWGNQXy https://twitter.com/jepaynemsft/status/710862880040595457 https://twitter.com/cyb3rops/status/710739956298358784 
https://t.co/SgCnX0w4uZ https://github.com/sophsec/ruby-nmap/blob/master/README.md https://twitter.com/cyb3rops/status/710557364060028930 https://t.co/uwkja8BAYU https://github.com/cr0hn/enteletaor https://twitter.com/cyb3rops/status/710390220835917824 https://t.co/RMljnMwNhh http://seclist.us/sipbrute-is-a-utility-to-perform-dictionary-attacks-against-the-voip-sip-register-hash.html https://twitter.com/cyb3rops/status/710390096835571712 https://t.co/ffqr4Y502I http://www.4n6k.com/2016/03/jump-list-forensics-appid-master-list.html https://twitter.com/cyb3rops/status/710389794883420160 https://t.co/zkyTaSi9Ol http://www.ehacking.net/2016/03/acedeceiver-new-ios-malware-can-infect.html https://twitter.com/cyb3rops/status/710389599290433536 https://t.co/a57HK1fSk5 http://seclist.us/bettercap-v1-5-0-a-complete-modular-portable-and-easily-extensible-mitm-framework.html https://twitter.com/cyb3rops/status/710023373611540484 https://t.co/iiHlZ7AtjT http://carnal0wnage.attackresearch.com/2016/03/apt-ransomware.html https://twitter.com/cyb3rops/status/710020919448756224 https://t.co/zyaO3zbK1a http://seclist.us/ht-bruteforcer-simple-bruteforcer-for-eda2hiddentear-based-ransomware.html https://twitter.com/cyb3rops/status/709831773895704577 https://t.co/kM97na19nz http://seclist.us/rspet-reverse-shell-and-post-exploitation-tool.html https://twitter.com/cyb3rops/status/709831635202662400 https://t.co/gVLU7FhxUW http://arstechnica.com/security/2016/03/big-name-sites-hit-by-rash-of-malicious-ads-spreading-crypto-ransomware/ https://twitter.com/cyb3rops/status/709803843996016642 https://t.co/acM6bI3SHg http://www.reuters.com/article/us-china-ransomware-idUSKCN0WG2L5 https://twitter.com/cyb3rops/status/709673740947353600 https://t.co/iICBdWbAUZ http://seclist.us/thc-ipv6-v3-1dev-update-ipv6-attack-toolkit.html https://twitter.com/cyb3rops/status/709673576698351616 https://t.co/E1omCttMzj https://adsecurity.org/?p=2716 https://twitter.com/cyb3rops/status/709673498445291520 
https://t.co/eOKkZtjS7J http://seclist.us/subsearch-is-a-command-line-tool-designed-to-brute-force-subdomain-names.html https://twitter.com/cyb3rops/status/709673327124733952 https://t.co/vUlSTdjJyU https://isc.sans.edu/diary.html?storyid=20845&rss https://twitter.com/cyb3rops/status/709516735620227074 https://t.co/pGrqlP0ZRS http://arstechnica.com/tech-policy/2016/03/former-cyber-czar-says-nsa-could-crack-the-san-bernadino-shooters-phone/ https://twitter.com/cyb3rops/status/709411845048819712 https://t.co/VQEBkcJ79K http://resources.infosecinstitute.com/configuring-a-test-lab-for-data-analysis/ https://twitter.com/cyb3rops/status/709353244699574272 https://t.co/jrJucnhI7k https://blog.netspi.com/dumping-memory-on-ios-8/ https://twitter.com/cyb3rops/status/709082961656881153 https://twitter.com/cyb3rops/status/708996779472244736 https://t.co/6L0j954KWO http://windowsir.blogspot.com/2016/03/event-logs.html https://twitter.com/cyb3rops/status/708948808571473920 https://twitter.com/cyb3rops/status/708933077490376704 https://t.co/tUPO6P0jpf http://seclist.us/jsrat-is-a-simple-js-reverse-shell-over-http-for-windows.html https://twitter.com/cyb3rops/status/708799386684358656 https://t.co/XcMoMjiQNv http://seclist.us/powermemory-v1-2-exploit-the-credentials-present-in-files-and-memory.html https://twitter.com/cyb3rops/status/708799253255217153 https://t.co/Cp8VPXlaBH http://seclist.us/termineter-smart-meter-security-testing-framework.html https://twitter.com/cyb3rops/status/708748852807995395 https://t.co/qKXjw9HL1c http://community.hpe.com/t5/Security-Research/Two-factor-plus-one-device-equals-fail/ba-p/6841122 https://twitter.com/cyb3rops/status/708587194013917184 https://t.co/HEJlEVa89G http://phishme.com/ransomware-rising-criakl-osx-others/ https://twitter.com/cyb3rops/status/708450117280468992 https://twitter.com/cyb3rops/status/708447455080275968 https://twitter.com/cyb3rops/status/708415933656797184 https://t.co/DlohU8ZrbE 
http://arstechnica.com/security/2016/03/botched-java-patch-leaves-millions-vulnerable-to-30-month-old-attack/ https://twitter.com/cyb3rops/status/708414851471818752 https://t.co/iSdmRQ7RdQ http://seclist.us/changeme-a-default-credential-scanner.html https://twitter.com/cyb3rops/status/708414165128515584 https://t.co/rxMLKeKEPg http://feedproxy.google.com/~r/PaloAltoNetworks/~3/jx6WBXEUmXc/ https://twitter.com/cyb3rops/status/708414028297736192 https://t.co/BdQLflHtCb https://github.com/cisco-sas/kitty/blob/master/README.rst https://twitter.com/cyb3rops/status/708412522588708866 https://t.co/EFOEgUh5gO https://isc.sans.edu/diary.html?storyid=20835&rss https://twitter.com/cyb3rops/status/708350013869522944 https://t.co/I4zIpZGxrw https://blog.malwarebytes.org/intelligence/2016/03/cerber-ransomware-new-but-mature/ https://twitter.com/cyb3rops/status/708348989616295940 https://t.co/9INNPFalwl http://arstechnica.com/security/2016/03/after-an-easy-breach-hackers-leave-tips-when-running-a-security-company/ https://twitter.com/cyb3rops/status/708342022009188353 https://t.co/dDETwQKWvc https://github.com/Neo23x0/yarAnalyzer https://twitter.com/cyb3rops/status/708312268140843008 https://t.co/brrB7ObCRe https://blog.malwarebytes.org/online-security/2016/03/windows-applocker-an-introduction/ https://twitter.com/cyb3rops/status/708312133952528384 https://t.co/IXUkMkSLk3 https://www.shellandco.net/list-kerberos-ticket-powershell/ https://twitter.com/cyb3rops/status/708216431226265600 https://t.co/biXoviUgBW https://www.pinguin.lu/fred https://twitter.com/cyb3rops/status/708191451054612480 https://t.co/fWZ6rAwRkt http://www.hexacorn.com/blog/2016/03/11/dexray/ https://twitter.com/cyb3rops/status/708075480839299077 https://t.co/ozScU0NnTH http://arstechnica.com/security/2016/03/a-typo-costs-bank-hackers-nearly-1b/ https://twitter.com/cyb3rops/status/708052768536313857 https://t.co/51WILqkxY8 
http://arstechnica.com/security/2016/03/adobe-issues-emergency-patch-for-actively-exploited-code-execution-bug/ https://twitter.com/cyb3rops/status/708021792573620226 https://t.co/B655WgeabD https://labs.bitdefender.com/2016/03/how-angler-exploited-silverlight/ https://twitter.com/cyb3rops/status/708000532611391489 https://twitter.com/cyb3rops/status/707985374115721216 https://t.co/53xTr1fuFr https://otr.cypherpunks.ca/index.php#news https://twitter.com/cyb3rops/status/707983770410991616 https://t.co/s1lnDnTdIm http://arstechnica.com/security/2016/03/cothority-to-apple-lets-make-secret-backdoors-impossible/ https://twitter.com/cyb3rops/status/707983403954659329 https://t.co/ooHZ8mZYeK https://securelist.com/blog/virus-watch/74150/plugx-malware-a-good-hacker-is-an-apologetic-hacker/ https://twitter.com/cyb3rops/status/707829877085507584 https://t.co/iLAIcvNH24 https://adsecurity.org/?p=2753 https://twitter.com/cyb3rops/status/707829722026213376 https://t.co/4zKD9qGtR9 http://seclist.us/ipmipwn-ipmi-cipher-0-attack-tool.html https://twitter.com/cyb3rops/status/707829243527438336 https://t.co/qEBFYuy7LV http://www.hexacorn.com/blog/2016/03/10/beyond-good-ol-run-key-part-36/ https://twitter.com/cyb3rops/status/707828699895304196 https://t.co/TRz7XK4ieD http://holisticinfosec.blogspot.com/2016/03/toolsmith-114-wireedit-and-packet.html https://twitter.com/cyb3rops/status/707661536626663424 https://t.co/1L7x4KjFzs http://www.theregister.co.uk/2016/03/09/microsoft_sonic_debian/ https://twitter.com/cyb3rops/status/707631812839919616 https://t.co/PmZK2TDfuw https://twitter.com/thor_scanner/status/707630234720460800 https://twitter.com/cyb3rops/status/707622486758785024 https://t.co/oTiHlnwAVt https://hacked.com/fbi-apple-snowden-iphone-horseshit/ https://twitter.com/cyb3rops/status/707622179219894272 https://t.co/d4wvnGeThf http://arstechnica.com/security/2016/03/irs-shuts-down-identity-security-tool-for-taxpayers-due-to-security-problems/ 
https://twitter.com/cyb3rops/status/707601997189554177 https://t.co/AMI8434NZK http://www.arbornetworks.com/blog/asert/alpha-testing-alphaleon-http-bot/ https://twitter.com/cyb3rops/status/707328550454607872 https://t.co/gpoecjlEXe https://www.virustotal.com/en/file/dc8e37f59f59affa161e7556e5e56b6b9fa7b2bb177592e917db519626f7b2bd/analysis/ https://twitter.com/cyb3rops/status/707281632735182849 https://t.co/ooJYkYSxP4 https://www.trustwave.com/Resources/SpiderLabs-Blog/Data-Extraction-via-String-Concatenation-in-a-Blind-SQL-Injection-Vulnerability/ https://twitter.com/cyb3rops/status/707251611966562305 https://t.co/OHbUedLsrw http://feedproxy.google.com/~r/GdsSecurityBlog/~3/MD0R_gl1UJU/introducing-psattack.html https://twitter.com/cyb3rops/status/707201923145986048 https://t.co/8ZxQkBAzV7 http://www.fireeye.com/blog/threat-research/2016/03/lessons-from-operation-russian-doll.html https://twitter.com/cyb3rops/status/706984537469886464 https://t.co/uMNjWQyBzk http://malwaremusings.com/2016/03/08/analysing-cryptolocker-with-unpack-py-initial-analysis-part-1/ https://twitter.com/cyb3rops/status/706962739420340225 https://t.co/o8wH5Cpt47 http://blogs.microsoft.com/blog/2016/03/07/announcing-sql-server-on-linux/ https://twitter.com/cyb3rops/status/706902425836380160 https://t.co/Kxg3GoVXeU https://blog.netspi.com/sql-server-persistence-part-1-startup-stored-procedures/ https://twitter.com/cyb3rops/status/706746739240390656 https://twitter.com/cyb3rops/status/706730935811772416 https://t.co/Hn1B8G5Z2V https://github.com/awesome-lists/awesome-bash/blob/master/readme.md https://twitter.com/cyb3rops/status/706730239829876741 https://t.co/XovejfWv3q http://feedproxy.google.com/~r/Anti-MalwareBlog/~3/-rLaGlKNiR0/ https://twitter.com/cyb3rops/status/706630751291318273 https://t.co/gPAHyU9SeG http://ift.tt/1QvUMGe https://twitter.com/cyb3rops/status/706541102841647104 https://t.co/MjA40ZxLWw https://johannesbader.ch/2016/03/the-dga-of-padcrypt/ 
https://twitter.com/cyb3rops/status/706486170688090112 https://t.co/BGTgyOKVt3 http://seclist.us/scada-cip-discovery-common-industrial-protocol-based-device-scanner-over-the-internet.html https://twitter.com/cyb3rops/status/706071420128915456 https://t.co/3JfoqcAwVD http://feedproxy.google.com/~r/darknethackers/~3/sklU0ssyZlQ/ https://twitter.com/cyb3rops/status/706071202452914176 https://t.co/TaUrnT7z5p http://seclist.us/drownmap-security-tool-scan-your-environments-for-the-sslv2-drown-vulnerability.html https://twitter.com/cyb3rops/status/705811783144120320 https://t.co/3cdhNVFO30 http://arstechnica.com/security/2016/03/its-2016-so-why-is-the-world-still-falling-for-office-macro-malware/ https://twitter.com/cyb3rops/status/705811391660347394 https://t.co/OxFha1gRm0 http://arstechnica.com/information-technology/2016/03/whole-lotta-onions-number-of-tor-hidden-sites-spikes-along-with-paranoia/ https://twitter.com/cyb3rops/status/705806125803954176 https://t.co/0rGNzd4zcn http://seclist.us/odat-v2-1-released-oracle-database-attacking-tool.html https://twitter.com/cyb3rops/status/705731666568945664 https://t.co/uIoj020uJx https://ransomwaretracker.abuse.ch/ https://twitter.com/cyb3rops/status/705663875249774592 https://t.co/S8wAAK3Il0 http://karmainsecurity.com/hacking-magento-ecommerce-for-fun-and-17000-usd https://twitter.com/cyb3rops/status/705653071989215236 https://t.co/RMXG88Mi52 https://github.com/r3comp1le/VT-Hunter/blob/master/README.md https://twitter.com/cyb3rops/status/705504498228318211 https://t.co/7T1FfvpTe8 http://feedproxy.google.com/~r/Anti-MalwareBlog/~3/qe_8ZLkJAaM/ https://twitter.com/cyb3rops/status/705503875369975808 https://t.co/vrJuJ53OAj https://blog.rootshell.be/2016/03/03/running-misp-in-a-docker-container/ https://twitter.com/cyb3rops/status/705503683144978432 https://t.co/SBcj9Vr83o http://arstechnica.com/security/2016/03/new-attack-steals-secret-crypto-keys-from-android-and-ios-phones/ 
https://twitter.com/cyb3rops/status/705429065638002688 https://t.co/2Sg036AvLt https://t.co/C5rSn2JnXa http://commandlinefu.com http://www.commandlinefu.com/commands/browse/sort-by-votes https://twitter.com/cyb3rops/status/705398998526349312 https://t.co/YuxAvvsRIL http://resources.infosecinstitute.com/complete-tour-of-pe-and-elf-part-1/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+infosecResources+%28InfoSec+Resources%29 https://twitter.com/cyb3rops/status/705398398375972865 https://t.co/UQUlb5nJ1k https://www.shellandco.net/check-if-you-are-vulnerable-to-drown/ https://twitter.com/cyb3rops/status/705141779935444992 https://t.co/Uo9OqK6Mhu https://t.co/5kTFB6nwsF http://ADSecurity.org https://adsecurity.org/?p=2696 https://twitter.com/cyb3rops/status/705057460944510976 https://twitter.com/cyb3rops/status/704937184781017089 https://t.co/O7o4m2USXY http://www.harmj0y.net/blog/defense/powersccm/ https://twitter.com/cyb3rops/status/704936677781929984 https://t.co/bltqzuqCiF https://www.schneier.com/blog/archives/2016/03/wikileaks_publi.html https://twitter.com/cyb3rops/status/704936616058609664 https://t.co/zB2A2nyeT4 http://seclist.us/winpayloads-beta-update-undetectable-windows-payload-generation.html https://twitter.com/cyb3rops/status/704936360042434560 https://t.co/UYdL0HSV5h http://seclist.us/pcapfex-packet-capture-forensic-evidence-extractor.html https://twitter.com/cyb3rops/status/704721559882231808 https://t.co/Ov0qxeGWDD https://isc.sans.edu/diary.html?storyid=20785&rss https://twitter.com/cyb3rops/status/704721413731647488 https://t.co/oJa56kVC43 https://blog.malwarebytes.org/intelligence/2016/03/look-into-locky/ https://twitter.com/cyb3rops/status/704717125693403137 https://t.co/27TN8DtWGO http://feedproxy.google.com/~r/Vrt/~3/9EUWxxxio10/angler-slips-hook.html https://twitter.com/cyb3rops/status/704655403032952832 https://t.co/Ifn3US5HDl 
http://arstechnica.com/information-technology/2016/03/windows-defender-advanced-threat-protection-uses-cloud-power-to-figure-out-youve-been-pwned/ https://twitter.com/cyb3rops/status/704655314839347200 https://t.co/c8m8RH0TdX https://securelist.com/blog/research/73989/ctb-locker-is-back-the-web-server-edition/ https://twitter.com/cyb3rops/status/704654822465740800 https://t.co/cMREodfapg https://www.blueliv.com/research/antihooking-techniques-used-by-andromeda-aim-to-defeat-cuckoo-like-sandboxes/ https://twitter.com/cyb3rops/status/704462997264195586 https://t.co/eHIdL6yY3e http://seclist.us/radare2-v0-10-1-codename-solid-chair-society-released.html https://twitter.com/cyb3rops/status/704418317797294080 https://t.co/0W6Nbc0M2r http://arstechnica.com/security/2016/02/largely-undetected-mac-malware-suggests-disgraced-hackingteam-has-returned/ https://twitter.com/cyb3rops/status/704418175677571073 https://t.co/5FkR0zUevA https://isc.sans.edu/diary.html?storyid=20781&rss https://twitter.com/cyb3rops/status/704394014355750918 https://t.co/wllR3lWEUL https://t.co/nsZkgTTxLk http://rubular.com/r/h9JYak5DDF https://gist.github.com/Neo23x0/e3d4e316d7441d9143c7 https://twitter.com/cyb3rops/status/704327699108601860 https://t.co/VKljAZAJab https://blog.cloudflare.com/a-tale-of-a-dns-exploit-cve-2015-7547/ https://twitter.com/cyb3rops/status/704322190284607488 https://t.co/Jcilx7S4K1 https://blog.serverdensity.com/windows-monitoring-tools/ https://twitter.com/cyb3rops/status/704240555111354368 https://t.co/wbcVdXixxW https://github.com/dthree/cash/ https://twitter.com/cyb3rops/status/704080290260656129 https://t.co/Pt3CpyD2aE http://eternal-todo.com/blog/adding-scoring-system-peepdf-pdf-analysis https://twitter.com/cyb3rops/status/704023537783316480 https://t.co/4ocjIZpePO http://www.labofapenetrationtester.com/2016/02/getting-domain-admin-with-kerberos-unconstrained-delegation.html https://twitter.com/cyb3rops/status/703935494955130881 https://t.co/bLERoYVGgr 
http://blog.didierstevens.com/2016/02/28/update-translate-py-version-2-2-0-for-locky-javascript-deobfuscation https://twitter.com/cyb3rops/status/703851335129526278 https://t.co/dUnSPG2s3y http://perltricks.com/article/an-introduction-to-tmux/ https://twitter.com/cyb3rops/status/703745023565766656 https://t.co/GeQLVgHyPu http://seclist.us/sonar-is-a-reconnaissance-tool-for-enumerating-sub-domains.html https://twitter.com/cyb3rops/status/703625584866402305 https://twitter.com/cyb3rops/status/703578672121421824 https://t.co/AEinYZLAib http://arstechnica.com/security/2016/02/most-software-already-has-a-golden-key-backdoor-its-called-auto-update/ https://twitter.com/cyb3rops/status/703556423108657152 https://t.co/SiGNt4pXr1 https://blog.serverdensity.com/80-linux-monitoring-tools-know/ https://twitter.com/cyb3rops/status/703368009088425984 https://t.co/HiEz4ApBlM https://t.co/Nyo89XfAru http://IRS.Gov http://krebsonsecurity.com/2016/02/irs-390k-more-victims-of-irs-gov-weakness/ https://twitter.com/cyb3rops/status/703333240984178688 https://t.co/FFCvRt7Dr9 http://seclist.us/updates-rooty-libpcap-based-icmp-encrypted-backdoor-for-linux.html https://twitter.com/cyb3rops/status/703332837848707073 https://t.co/STtDEpzHMw http://seclist.us/certerator-code-signing-certificate-generator.html https://twitter.com/cyb3rops/status/703292273602199558 https://t.co/pcsYVrCt6g http://seclist.us/sshak-ssh-brute-force-attack-tool.html https://twitter.com/cyb3rops/status/703229485819281412 https://t.co/O7egYk3YmH http://www.invoke-ir.com/2016/02/forensic-friday-get-forensicmftslack.html https://twitter.com/cyb3rops/status/703001430567817216 https://t.co/i6d5aiFzaf http://packetlife.net/media/library/23/common_ports.pdf https://twitter.com/cyb3rops/status/703000200156213248 https://t.co/O0Dxn5GumA http://seclist.us/xsser-v1-7b-is-an-automatic-framework-to-detect-exploit-and-report-xss-vulnerabilities-in-web-based-applications.html https://twitter.com/cyb3rops/status/702999977480560640 
https://t.co/iqsJ2T06V0 https://bto.bluecoat.com/security-advisory/sa112 https://twitter.com/cyb3rops/status/702893922520010752 https://t.co/OUnqAvPmro http://seclist.us/ranger-v0-43b-a-tool-to-support-security-professionals-to-access-and-interact-with-remote-microsoft-windows-based-systems.html https://twitter.com/cyb3rops/status/702893418293424129 https://t.co/XgtXTjcPlv http://arstechnica.com/security/2016/02/malicious-websites-exploit-silverlight-bug-that-can-pwn-macs-and-windows/ https://twitter.com/cyb3rops/status/702885176196657152 https://t.co/pHXEPK0FAU http://payload-security.blogspot.com/2016/02/changelog-q4-2015-q1-2016-distilled.html https://twitter.com/cyb3rops/status/702643249555640320 https://t.co/yYKCl3CvBG http://seclist.us/ysoserial-v0-0-4-a-proof-of-concept-tool-for-generating-payloads-that-exploit-unsafe-java-object-deserialization.html https://twitter.com/cyb3rops/status/702630172286197760 https://t.co/iUEYrLrZ1Y https://blogs.technet.microsoft.com/mmpc/2016/02/24/locky-malware-lucky-to-avoid-it/ https://twitter.com/cyb3rops/status/702629916316180480 https://t.co/bOL3g8VyJo https://adsecurity.org/?p=2668 https://twitter.com/cyb3rops/status/702551371371978752 https://twitter.com/cyb3rops/status/702536599490400257 https://t.co/7BITjlHHAw https://movemouse.codeplex.com/ https://twitter.com/cyb3rops/status/702475716424769536 https://twitter.com/cyb3rops/status/702456770174787584 https://twitter.com/cyb3rops/status/702453121625227264 https://t.co/qd0DSwVmPh https://t.co/3OJAICwbuD https://www.virustotal.com/en/file/0da7b30ee71524a2b217eea554fba6795d65617797a3c2d2f224764040d90de5/analysis/ http://pastebin.com/cXNJFh97 https://twitter.com/cyb3rops/status/702430272130818048 https://t.co/ET2CLv37aT https://gist.github.com/Neo23x0/a4b4af9481e01e749409 https://twitter.com/cyb3rops/status/702405050824531968 https://t.co/pFIKokBUpW http://www.powershelladmin.com/wiki/Port_scan_subnets_with_PSnmap_for_PowerShell 
https://twitter.com/cyb3rops/status/702381910698360832 https://t.co/Vy9r86GDnj https://otx.alienvault.com/pulse/56cc9cef67db8c5860d25aef/ https://twitter.com/cyb3rops/status/702379508071055360 https://t.co/SFbJ3VkdrG https://www.cylance.com/operation-dust-storm https://twitter.com/cyb3rops/status/702218606654963712 https://t.co/AY5LRcs3fo http://securityblog.gr/3272/automater-ip-url-and-md5-osint-analysis/ https://twitter.com/cyb3rops/status/702118044919844864 https://t.co/0U3FQA4IsM http://seclist.us/formatstringexploiter-helper-script-for-working-with-format-string-bugs.html https://twitter.com/cyb3rops/status/702117752316755968 https://t.co/cct8eu3DTI http://feedproxy.google.com/~r/HelpNetSecurity/~3/iTNFVJz3nRs/ https://twitter.com/cyb3rops/status/702117649355030528 https://t.co/dbFfZDc0NT https://www.schneier.com/blog/archives/2016/02/practical_tempe.html https://twitter.com/cyb3rops/status/702117387534000129 https://t.co/UrvfQnX0mo http://www.fireeye.com/blog/threat-research/2016/02/using_emet_to_disabl.html https://twitter.com/cyb3rops/status/702029937553907712 https://t.co/B1nxGFx7L8 http://www.fireeye.com/blog/threat-research/2016/02/greater_visibilityt.html https://twitter.com/cyb3rops/status/701808560313917440 https://t.co/QNmZPph6O8 http://www.malwaretech.com/2016/02/necursp2p-hybrid-peer-to-peer-necurs.html https://twitter.com/cyb3rops/status/701675079864868864 https://t.co/u9PfVybLr9 http://www.kahusecurity.com/2016/deobfuscating-a-hideous-looking-js-downloader/ https://twitter.com/cyb3rops/status/701674892102672384 https://t.co/APd6iL880A http://seclist.us/fruitywifi-v-2-4-is-an-open-source-tool-to-audit-wireless-networks.html https://twitter.com/cyb3rops/status/701674763165548544 https://t.co/zlLPAJx85r http://seclist.us/automate-a-timebase-blind-sql-injection-with-curl.html https://twitter.com/cyb3rops/status/701465845046894592 https://t.co/ZOFrZRQQQU https://github.com/presidentbeef/brakeman https://twitter.com/cyb3rops/status/701405814037331973 
https://t.co/vbXFCM8BfJ http://seclist.us/sploitkit-a-suite-of-cli-tools-i-built-to-automate-some-of-the-tedious-parts-of-exploit-development.html https://twitter.com/cyb3rops/status/701352764916555776 https://t.co/YGUKyp1oU9 https://wald0.com/?p=14 https://twitter.com/cyb3rops/status/701344791511040000 https://t.co/HDanD4kPNZ http://blog.linuxmint.com/?p=2994 https://twitter.com/cyb3rops/status/701325484731269120 https://t.co/7rPnKpuQdK https://conorpp.com//2016/02/17/keyak-a-candidate-for-the-authenticated-encryption-standard/ https://twitter.com/cyb3rops/status/701325129784172544 https://t.co/R7PCVpKxDr https://github.com/P1kachu/v0lt/blob/master/README.md https://twitter.com/cyb3rops/status/701177070999748611 https://t.co/ojswKOppb2 http://seclist.us/appie-v3-released-android-pentesting-portable-integrated-environment.html https://twitter.com/cyb3rops/status/701038567171235840 https://t.co/WdnPrEE9NF http://seclist.us/kisskissie-simple-proof-of-concept-external-xml-entity-xxe-scan-and-exfiltrate-tool.html https://twitter.com/cyb3rops/status/700650494985768960 https://t.co/UtRZBKXUS6 http://seclist.us/darkobserver-windows-powershell-domain-scanning-tool.html https://twitter.com/cyb3rops/status/700650260729757696 https://t.co/Yt7YdMLV6l http://feedproxy.google.com/~r/HelpNetSecurity/~3/vX-gGg-Ofgk/ https://twitter.com/cyb3rops/status/700650102600249344 https://t.co/7QKo8mS0cT https://isc.sans.edu/diary.html?storyid=20745&rss https://twitter.com/cyb3rops/status/700643495640301568 https://twitter.com/cyb3rops/status/700639380117950464 https://t.co/YuOEpYtM3B https://t.co/r3MImi3nch http://pastebin.com/0604rgUn https://www.hybrid-analysis.com/sample/865d925a6db711ab0f02d626b7b7abe2e95b3ce0ed432a105d2b65e4150d80d7?environmentId=4 https://twitter.com/cyb3rops/status/700457389410152449 https://t.co/WVOKO5QoxU http://arstechnica.com/apple/2016/02/encryption-isnt-at-stake-the-fbi-knows-apple-already-has-the-desired-key/ 
https://twitter.com/cyb3rops/status/700457028041490432 https://t.co/f9AEQq3Lnj http://seclist.us/veil-evasion-v2-24-is-a-tool-designed-to-generate-metasploit-payloads-that-bypass-common-anti-virus-solutions.html https://twitter.com/cyb3rops/status/700456750277906432 https://t.co/qg8HSBcm4w http://www.crowdstrike.com/blog/investigating-powershell-command-and-script-logging/ https://twitter.com/cyb3rops/status/700364845896634368 https://twitter.com/cyb3rops/status/700361688730771456 https://t.co/XWKWGwN5CO http://seclists.org/fulldisclosure/2016/Feb/82 https://twitter.com/cyb3rops/status/700361367883218945 https://t.co/yD8qIZXJmw https://securityintelligence.com/gozi-banking-trojan-upgrades-build-to-inject-into-windows-10-edge-browser/ https://twitter.com/cyb3rops/status/700359371159633921 https://twitter.com/cyb3rops/status/700298406024056832 https://t.co/nsZkgTTxLk https://gist.github.com/Neo23x0/e3d4e316d7441d9143c7 https://twitter.com/cyb3rops/status/700295087243325441 https://t.co/EHeqEe1TiB http://www.alpinelinux.org/ https://twitter.com/cyb3rops/status/700270322503852032 https://t.co/7wwlAKCY9Z https://gist.github.com/Neo23x0/f56bea38d95040b70cf5 https://twitter.com/cyb3rops/status/700224293280620544 https://t.co/2bp23KIUEo http://community.hpe.com/t5/Security-Research/Feeling-Locky/ba-p/6833983 https://twitter.com/cyb3rops/status/699971890643935234 https://t.co/1ci69RhyP1 http://seclist.us/machinae-v1-2-0-security-intelligence-collector.html https://twitter.com/cyb3rops/status/699967446564917248 https://t.co/Ld8sHoN3eZ http://joshuadlewis.blogspot.de/2014/10/advanced-threat-detection-with-sysmon_74.html https://twitter.com/cyb3rops/status/699941112853762048 https://t.co/oFBKvO7sog https://twitter.com/instacyber/status/699932373723447296 https://twitter.com/cyb3rops/status/699940571658526720 https://twitter.com/cyb3rops/status/699926263574695937 https://twitter.com/cyb3rops/status/699926086113738752 https://twitter.com/cyb3rops/status/699925606994219008 
https://twitter.com/cyb3rops/status/699923408671391744 https://twitter.com/cyb3rops/status/699918820924850176 https://t.co/yvRQh8mWVY https://twitter.com/netbiosX/status/699912623639367680 https://twitter.com/cyb3rops/status/699887925836804096 https://t.co/KxpaWPOyiE https://otx.alienvault.com/pulse/56c2ff4a67db8c71b90743cf/ https://twitter.com/cyb3rops/status/699887684320436225 https://t.co/2nom6Uh1RU https://otx.alienvault.com/pulse/56c3ccf667db8c1250174688/ https://twitter.com/cyb3rops/status/699870323060170753 https://t.co/NWSfCQ4KqF https://www.hybrid-analysis.com/sample/5e945c1d27c9ad77a2b63ae10af46aee7d29a6a43605a9bfbf35cebbcff184d8?environmentId=1 https://twitter.com/cyb3rops/status/699866731188191232 https://t.co/k682K1Hova https://docs.google.com/spreadsheets/d/1H9_xaxQHpWaa4O_Son4Gx0YOIzlcBWMsdvePFX68EKU/ https://twitter.com/cyb3rops/status/699862155131293696 https://t.co/SkHP1d2zvq http://feedproxy.google.com/~r/PaloAltoNetworks/~3/Gatyzmo388Y/ https://twitter.com/cyb3rops/status/699861548186079232 https://t.co/NPJ4MuOWlz http://arstechnica.com/tech-policy/2016/02/massive-us-planned-cyberattack-against-iran-went-well-beyond-stuxnet/ https://twitter.com/cyb3rops/status/699861406921916416 https://t.co/ChYg6aQGxt http://blog.jpcert.or.jp/2016/02/banking-trojan--27d6.html https://twitter.com/cyb3rops/status/699861169922830336 https://t.co/3hsA1anZRM https://github.com/fjserna/CVE-2015-7547 https://twitter.com/cyb3rops/status/699720534683226116 https://twitter.com/cyb3rops/status/699550100411064320 https://t.co/ezG1XoO0wt https://patzke.org/implementing-the-poodle-attack.html https://twitter.com/cyb3rops/status/699547184811876352 https://t.co/vq3p7PKY28 http://blog.hackersonlineclub.com/2016/02/tdl-tool-for-bypassing-windows-x64.html https://twitter.com/cyb3rops/status/699526731519107072 https://t.co/j4qHxe5kUR https://www.hybrid-analysis.com/sample/b762797066a150c8b6de613059b4e062b6f374b8ac8b9cea315e28ad5c11f3c6?environmentId=1 
https://twitter.com/cyb3rops/status/699498231701630976 https://t.co/IYxZzRUcNc http://seclist.us/updates-tater-is-a-powershell-implementation-of-the-hot-potato-windows-privilege-escalation-exploit.html https://twitter.com/cyb3rops/status/699391861732069376 https://t.co/Gy6xCsTECp https://github.com/Neo23x0/signature-base/blob/master/yara/apt_sofacy_fysbis.yar https://twitter.com/cyb3rops/status/699358732837351425 https://t.co/gPSZjPEqJs http://youtu.be/G_63IRl0Xe0 https://twitter.com/cyb3rops/status/699335337403936772 https://twitter.com/cyb3rops/status/699303349963919362 https://t.co/crJGefd1Ig https://t.co/ZHmLUdmsKX https://twitter.com/Cyb3rOps/status/682592180930613248 https://twitter.com/curi0usJack/status/697873264614498304 https://twitter.com/cyb3rops/status/699161083521736706 https://twitter.com/cyb3rops/status/699138630003113984 https://twitter.com/cyb3rops/status/698968200046886912 https://twitter.com/cyb3rops/status/698833683202097152 https://twitter.com/cyb3rops/status/698829718636863488 https://t.co/w7zpbkk1cO https://t.co/zlxBIowPWQ http://census.gov http://pastebin.com/u/NetBIOS https://twitter.com/cyb3rops/status/698814813154230272 https://t.co/s3yAyKT86X https://www.virustotal.com/en/file/b762797066a150c8b6de613059b4e062b6f374b8ac8b9cea315e28ad5c11f3c6/analysis/ https://twitter.com/cyb3rops/status/698790838139273217 https://t.co/SgQ2WDIWmg https://t.co/EnQkUSZku9 https://github.com/SummitRoute/osxlockdown https://twitter.com/tribalchickenAU/status/698524271530749952 https://twitter.com/cyb3rops/status/698625217996967936 https://t.co/ZJ2cBgnnFh http://www.mitre.org/capabilities/cybersecurity/overview/cybersecurity-blog/scanning-streaming-data-with-yarashop https://twitter.com/cyb3rops/status/698620357943697408 https://t.co/JGzXmhyu6l https://twitter.com/m3g9tr0n/status/698615046868434944 https://twitter.com/cyb3rops/status/698564276039114752 https://t.co/WXwpJBJeA0 https://t.co/XnFSsQfxZo 
https://github.com/Neo23x0/Loki/blob/master/signatures/apt_sofacy_fysbis.yar http://researchcenter.paloaltonetworks.com/2016/02/a-look-into-fysbis-sofacys-linux-backdoor/ https://twitter.com/cyb3rops/status/698461928084152320 https://t.co/OJUhsix7Vm http://feedproxy.google.com/~r/PaloAltoNetworks/~3/iS7L7X1jOQU/ https://twitter.com/cyb3rops/status/698446212652011520 https://t.co/uLHR9I4Mx4 http://www.theguardian.com/commentisfree/2016/feb/09/internet-of-things-smart-devices-spying-surveillance-us-government https://twitter.com/cyb3rops/status/698280614869467137 https://t.co/y8ub05MDue https://blogs.mcafee.com/mcafee-labs/hydracrypt-another-variant-of-ransomware-created-with-angler-exploit-kit/ https://twitter.com/cyb3rops/status/698222738293596160 https://t.co/GzELs3qMLy http://rancher.com/rancher-os/ https://twitter.com/cyb3rops/status/698215359673933824 https://twitter.com/cyb3rops/status/698200249140166656 https://twitter.com/cyb3rops/status/698198320557264897 https://t.co/yJCeyGOboc http://blog.emsisoft.com/2016/02/12/decrypter-for-hydracrypt-and-umbrecrypt-available/ https://twitter.com/cyb3rops/status/698110746287280128 https://t.co/852uh2Y93Z http://seclist.us/doona-v1-0-is-a-fork-of-the-bruteforce-exploit-detector-tool-bed.html https://twitter.com/cyb3rops/status/698109892696137731 https://t.co/uiT72v67MN http://blog.checkpoint.com/2016/02/11/campaign-targeting-wordpress-users-being-redirects-to-angler-exploit-kit/ https://twitter.com/cyb3rops/status/698079952147779584 https://t.co/r4efqpyMlI https://adsecurity.org/?p=2277 https://twitter.com/cyb3rops/status/698053606449274880 https://t.co/7Q292JHt71 http://www.darkreading.com/endpoint/chinese-cyberspies-pivot-to-russia-in-wake-of-obama-xi-pact/d/d-id/1324242 https://twitter.com/cyb3rops/status/697820369479200772 https://t.co/2lpH6LQJUG http://feedproxy.google.com/~r/eset/blog/~3/O8WiZ96Y8mQ/ https://twitter.com/cyb3rops/status/697818981768499200 https://twitter.com/cyb3rops/status/697787362487746562 
https://t.co/vIQYNxd7EZ http://seclist.us/updates-ps-windowsforensics-powershell-scripts-for-parsing-forensic-artifacts-in-the-windows-operating-system.html https://twitter.com/cyb3rops/status/697787253301637120 https://t.co/uBGjZojIyM http://www.labofapenetrationtester.com/2016/02/kautilya-easy-reverse-shells.html https://twitter.com/cyb3rops/status/697787146229444608 https://t.co/8HyCnwmzFg http://arstechnica.com/tech-policy/2016/02/new-report-contends-mandatory-crypto-backdoors-would-be-futile/ https://twitter.com/cyb3rops/status/697751979443904512 https://t.co/4bnrTMGDTp https://verifyne.me/ https://twitter.com/cyb3rops/status/697682104633708545 https://t.co/2c437lAJhI https://isc.sans.edu/diary/Tomcat+IR+with+XOR.DDoS/20721 https://twitter.com/cyb3rops/status/697679683505225729 https://t.co/aHQp66BHsE http://blog.erratasec.com/2016/02/hackers-arent-smart-people-are-stupid.html https://twitter.com/cyb3rops/status/697559140508557314 https://t.co/09L5XQp3Ge https://isc.sans.edu/diary.html?storyid=20719&rss https://twitter.com/cyb3rops/status/697558997755412481 https://t.co/J7y8htbHqC http://seclist.us/yosuo-v2-1-is-a-ruby-script-that-scans-for-vulnerable-exploitable-3rd-party-web-applications-on-a-network-2.html https://twitter.com/cyb3rops/status/697499322523512836 https://t.co/D5MbWIixHa http://blog.nirsoft.net/2016/02/06/new-tool-that-lists-all-files-opened-by-other-computers-on-your-network/ https://twitter.com/cyb3rops/status/697498913344000000 https://t.co/SaSzoyjJmx https://twitter.com/cyb3rops/status/695541885398622209 https://twitter.com/cyb3rops/status/697497590380756994 https://t.co/Ru7SyR19nP http://www.ansible.com/windows https://twitter.com/cyb3rops/status/697460298358386689 https://t.co/8LlKvUEzwG http://phishme.com/dridex-experimenting-with-new-attack-vectors/ https://twitter.com/cyb3rops/status/697459682294816769 https://t.co/ZBCapHuH44 
http://blog.checkpoint.com/2016/02/10/too-much-freedom-is-dangerous-understanding-ie-11-cve-2015-2419-exploitation/ https://twitter.com/cyb3rops/status/697425244420763648 https://t.co/avSSlubbWm http://www.arbornetworks.com/blog/asert/dumping-core-analytical-findings-on-trojan-corebo/ https://twitter.com/cyb3rops/status/697328878210129920 https://t.co/u00g2pAzdl http://holisticinfosec.blogspot.com/2016/02/toolsmith-113-dfir-case-management-with.html https://twitter.com/cyb3rops/status/697328522738724864 https://t.co/zB1UviVCmW http://feedproxy.google.com/~r/PentestTools/~3/xZIx3KS6fG4/networkminer-20-network-forensic.html https://twitter.com/cyb3rops/status/697328373526347776 https://t.co/EqHhbH7oaq http://blog.didierstevens.com/2016/02/10/create-your-own-cmd-xls/ https://twitter.com/cyb3rops/status/697204939983097856 https://t.co/tIjvAAJK4I http://blog.malwarebytes.org/intelligence/2016/02/dma-locker-strikes-back/ https://twitter.com/cyb3rops/status/697130034507739136 https://t.co/va57OHiLrH https://github.com/Neo23x0/Loki/blob/master/signatures/apt_poseidon_group.yar https://twitter.com/cyb3rops/status/696975309946671104 https://twitter.com/cyb3rops/status/696761792421367808 https://t.co/Jd2wYxGVs8 https://twitter.com/MartinGalloAr/status/696754017632980992 https://twitter.com/cyb3rops/status/696760461010857985 https://t.co/rJfGZ9E05M http://vimr.org/ https://twitter.com/cyb3rops/status/696758426450448389 https://t.co/Z4rXP2d9Z6 https://twitter.com/assolini/status/696748520355799040 https://twitter.com/cyb3rops/status/696756299133014017 https://t.co/e5MYYNplom http://seclist.us/10025.html https://twitter.com/cyb3rops/status/696633245564342272 https://t.co/NAY2nSgz1g http://hackerhurricane.blogspot.de/2015/05/defending-against-powershell-shells.html https://twitter.com/cyb3rops/status/696629961386553345 https://t.co/5S6rvfTT6H https://4sysops.com/archives/log-powershell-command-outputs-with-group-policy/ https://twitter.com/cyb3rops/status/696624019584450561 
https://t.co/JRwbjAsDD0 https://zealdocs.org/ https://twitter.com/cyb3rops/status/696591357654257664 https://t.co/iF2oi4vMGH http://www.theregister.co.uk/2016/01/27/nsa_loves_it_when_you_use_pgp/ https://twitter.com/cyb3rops/status/696463870366478336 https://t.co/LfiQxeqNOH http://seclist.us/randkit-random-number-rootkit-for-the-linux-kernel.html https://twitter.com/cyb3rops/status/696436112458432512 https://t.co/vtROgiIEHk http://blog.hackersonlineclub.com/2016/02/android-dynamic-binary-instrumentation_7.html https://twitter.com/cyb3rops/status/696281259782316033 https://t.co/sXctYK1xRd http://seclist.us/al-khaser-v0-3-a-poc-malware-with-good-intentions-that-aimes-to-stress-your-anti-malware-system.html https://twitter.com/cyb3rops/status/696033147981426688 https://t.co/Kml9bO9Mxh http://www.righto.com/2016/02/the-arm1-processors-flags-reverse.html https://twitter.com/cyb3rops/status/695943427410759680 https://t.co/Dr850MvQYw http://infinit.sh/ https://twitter.com/cyb3rops/status/695931957176332288 https://t.co/c5QeclpBLF https://govolution.wordpress.com/2016/02/06/memdumps-volatility-mimikatz-vms-overview/ https://twitter.com/cyb3rops/status/695917772329586689 https://t.co/LPpgyrQGhy https://www.schneier.com/blog/archives/2016/02/nsa_reorganizin.html https://twitter.com/cyb3rops/status/695673702663524352 https://t.co/MPgfUut44R http://seclist.us/brosec-v0-2-an-interactive-reference-tool-to-help-security-professionals-utilize-useful-payloads-and-commands.html https://twitter.com/cyb3rops/status/695633293782417408 https://t.co/H2kZD35SK2 http://securityblog.gr/3249/llmnr-nbt-ns-and-mdns-poisoner/ https://twitter.com/cyb3rops/status/695632983936651265 https://t.co/zXTTrhGYPQ https://techanarchy.net/2016/02/security-onion-command-injection-vulnerability/ https://twitter.com/cyb3rops/status/695632663894495232 https://t.co/ndEGV4qKP2 http://feedproxy.google.com/~r/HelpNetSecurity/~3/BAzqEUSgytI/malware_news.php https://twitter.com/cyb3rops/status/695632547255074816 
https://t.co/sYHmvoT9S1 http://arstechnica.com/tech-policy/2016/02/profs-protest-invasive-cybersecurity-measures-at-university-of-california-campuses/ https://twitter.com/cyb3rops/status/695628081629896705 https://twitter.com/cyb3rops/status/695627930609836034 https://t.co/sCRMplpkXs https://github.com/gabemart/hipku https://twitter.com/cyb3rops/status/695627588883062785 https://twitter.com/cyb3rops/status/695624898962661376 https://t.co/a7vsRgkYSE http://netbsd.gw.com/cgi-bin/man-cgi?skey https://twitter.com/cyb3rops/status/695617487212277760 https://t.co/BdOXxJ0Ttv https://t.co/PlXjxk9EIS https://www.virustotal.com/en/file/c20f30326fcebad25446cf2e267c341ac34664efad5c50ff07f0738ae2390eae/analysis/ https://github.com/Neo23x0/Loki/blob/master/signatures/gen_powerkatz.yar https://twitter.com/cyb3rops/status/695541885398622209 https://twitter.com/cyb3rops/status/695515971759579136 https://t.co/hLLM3t7Iu1 http://codewhitesec.blogspot.de/2016/02/java-and-command-line-injections-in-windows.html?m=1 https://twitter.com/cyb3rops/status/695484481235460097 https://t.co/GgDG0vtAUY http://arstechnica.com/information-technology/2016/02/chrome-picks-up-bonus-security-features-on-windows-10/ https://twitter.com/cyb3rops/status/695484360443760641 https://t.co/B03RUv0ZME http://seclist.us/droopescan-a-plugin-based-scanner-that-aids-security-researchers-in-identifying-issues-with-several-cms.html https://twitter.com/cyb3rops/status/695364198490963969 https://t.co/XbobsKAkrW http://feedproxy.google.com/~r/PaloAltoNetworks/~3/1HaOs2810wU/ https://twitter.com/cyb3rops/status/695340867490451456 https://t.co/Ec7tcvSf5D http://labs.lastline.com/a-peek-behind-the-cryptowall?utm_campaign=LastlineLabsBlog&utm_content=27776204&utm_medium=social&utm_source=facebook https://twitter.com/cyb3rops/status/695338949665902592 https://t.co/wxRL867hfF http://www.harmj0y.net/blog/empire/nothing-lasts-forever-persistence-with-empire/ https://twitter.com/cyb3rops/status/695311284451971072 
https://t.co/GJ5mDLAhB5 http://googleprojectzero.blogspot.com/2016/02/racing-midi-messages-in-chrome.html https://twitter.com/cyb3rops/status/695304112162865152 https://t.co/83Set5uhAd http://gleeda.blogspot.de/2016/01/registry-value-names-starting-with-null.html?m=1 https://twitter.com/cyb3rops/status/695302888365645824 https://t.co/TtO4YdGbO8 https://twitter.com/Cyb3rOps/status/692689379039559680 https://twitter.com/cyb3rops/status/695294914876329985 https://t.co/xeRVYKkG0Q http://feedproxy.google.com/~r/infosecResources/~3/1m3luJlawRI/ https://twitter.com/cyb3rops/status/695280873013432321 https://t.co/gOQdKLtVBd https://github.com/Neo23x0/Loki/commit/032a04bb5ed10fa5595b04a85d3ec205902fcc23 https://twitter.com/cyb3rops/status/695236058234122240 https://t.co/7rqd514c0Q https://reaqta.com/2016/02/hydracrypt-ransomware/ https://twitter.com/cyb3rops/status/695198395351359490 https://t.co/pM9B4HZhXR https://t.co/KHWHXeRJht https://www.virustotal.com/en/file/5b8d6afe153d526dde10eb7d4b5749fd57e315c3a2a7ffa93d8eee7de872cc04/analysis/ http://pastebin.com/rV8JSn77 https://twitter.com/cyb3rops/status/695174268481597440 https://t.co/L4gn5GTvts https://github.com/gizak/termui https://twitter.com/cyb3rops/status/695164706680672256 https://t.co/oNW8JeCLms https://malwarearchaeology.squarespace.com/mmf/ https://twitter.com/cyb3rops/status/695034999096131584 https://t.co/BvXNGosdWO http://feedproxy.google.com/~r/PaloAltoNetworks/~3/HZSd_rclbR0/ https://twitter.com/cyb3rops/status/695034774172393472 https://t.co/ukRzHygjLB https://github.com/shellphish/how2heap https://twitter.com/cyb3rops/status/694965992389242880 https://twitter.com/cyb3rops/status/694939833282772992 https://twitter.com/cyb3rops/status/694936450706575360 https://t.co/IsPhh9kYn6 http://www.crowdstrike.com/blog/crowdstrikes-2015-global-threat-report-intelligence-for-the-business/ https://twitter.com/cyb3rops/status/694922732585246720 https://twitter.com/cyb3rops/status/694901432651272192 https://t.co/9xYXl2kidi 
http://www.cert.pl/news/11073 https://twitter.com/cyb3rops/status/694875690341109760 https://twitter.com/cyb3rops/status/694770751631654912 https://t.co/2pLjled1a6 http://seclist.us/qualys-ssl-labs-scanning-tool.html https://twitter.com/cyb3rops/status/694770618026344450 https://t.co/CKm7RshqYg http://seclist.us/sslyze-v0-13-3-fast-and-full-featured-ssl-scanner.html https://twitter.com/cyb3rops/status/694770543753576448 https://t.co/2bgqfLwUGr http://seclist.us/chuckle-an-automated-smb-relay-script.html https://twitter.com/cyb3rops/status/694673008670216192 https://t.co/1d0s7FSyuk http://blogs.technet.com/b/sysinternals/archive/2016/02/02/update-sigcheck-v2-5-process-explorer-v16-11-whois-v1-13-rammap-v1-5.aspx https://twitter.com/cyb3rops/status/694672826121457665 https://t.co/inIvutJEMF https://t.co/V8SLQ9SOx3 http://Securelist.com https://securelist.com/blog/research/73565/hidden-tear-and-its-spin-offs/ https://twitter.com/cyb3rops/status/694617526718832642 https://t.co/0F4lhId8nF http://arstechnica.com/security/2016/02/crypto-flaw-was-so-glaring-it-may-be-intentional-eavesdropping-backdoor/ https://twitter.com/cyb3rops/status/694617290227195904 https://t.co/lHVFNHdlpG http://www.invoke-ir.com/2016/02/copying-locked-files-with-powerforensics.html https://twitter.com/cyb3rops/status/694523469103546368 https://t.co/XHlnEDY7lf https://www.schneier.com/blog/archives/2016/02/more_details_on_2.html https://twitter.com/cyb3rops/status/694523339868618752 https://t.co/xcp5jYYBIf http://feedproxy.google.com/~r/ehacking/~3/ZgJwDWK5kso/android-security-updates-7-critical.html https://twitter.com/cyb3rops/status/694523218456100865 https://t.co/BJ7k7PqBK8 http://www.reddit.com/r/Malware/comments/43thxm/zscaler_research_malicious_office_files_dropping/ https://twitter.com/cyb3rops/status/694522826829750274 https://twitter.com/cyb3rops/status/694408344254160896 https://t.co/VDfJWkkWy5 
http://seclist.us/powersccm-powershell-module-to-interact-with-sccm-databases-for-both-offensive-defensive-applications.html https://twitter.com/cyb3rops/status/694304757612154880 https://t.co/phwLRen07K https://www.blueliv.com/research/tracking-the-footproints-of-pushdo-trojan/ https://twitter.com/cyb3rops/status/694269483075137536 https://t.co/TglH5BXhos http://seclist.us/narooto-is-a-decent-lkm-rootkit.html https://twitter.com/cyb3rops/status/694269379240943617 https://t.co/7Jg8ho4Gsy http://arstechnica.com/security/2016/02/default-settings-in-apache-may-decloak-tor-hidden-services/ https://twitter.com/cyb3rops/status/694268812603068416 https://t.co/K7AcJUmsgv https://www.schneier.com/blog/archives/2016/02/nsa_and_gchq_ha.html https://twitter.com/cyb3rops/status/694214154719227908 https://t.co/zi15kb5QsK http://arstechnica.com/security/2016/02/using-ipv6-with-linux-youve-likely-been-visited-by-shodan-and-other-scanners/ https://twitter.com/cyb3rops/status/694195252111003648 https://t.co/AIwDeJRzSn https://t.co/rewTRFpWul http://klear.com/profile/Cyb3rOps http://klear.com/skills/Information%20Security https://twitter.com/cyb3rops/status/694171924730155009 https://t.co/oHWcnT9JJW https://twitter.com/veorq/status/693805010891726848 https://twitter.com/cyb3rops/status/694165909032796160 https://t.co/zNkYGRGrq5 https://www.schneier.com/blog/archives/2016/02/nsas_tao_on_int.html https://twitter.com/cyb3rops/status/694111207377256449 https://twitter.com/cyb3rops/status/694068552660295680 https://t.co/NitWfv7pOP https://github.com/gentilkiwi/mimikatz/releases/tag/2.1.0-alpha-20160131 https://twitter.com/cyb3rops/status/694062271149031424 https://t.co/yKoFeKls98 http://seclist.us/jsql-injection-v0-74-a-java-tool-for-automatic-database-injection.html https://twitter.com/cyb3rops/status/693914259839918080 https://t.co/Ukd6XF1kvs https://www.troopers.de/troopers16/agenda/ https://twitter.com/cyb3rops/status/693912524052369408 https://t.co/IlPSWUAOzi 
https://github.com/Neo23x0/Loki/blob/master/signatures/apt_codoso.yar https://twitter.com/cyb3rops/status/693861852825133057 https://t.co/nsRaQxrbqu https://www.proofpoint.com/us/exploring-bergard-old-malware-new-tricks https://twitter.com/cyb3rops/status/693591828298387456 https://t.co/aD96u6ordF http://seclist.us/wpxf-wordpress-exploit-framework.html https://twitter.com/cyb3rops/status/693559506681360384 https://twitter.com/cyb3rops/status/693470729514409984 https://t.co/3DGLeeXYk1 http://seclist.us/powerforensics-v1-1-1-powershell-digital-forensics.html https://twitter.com/cyb3rops/status/693459369862774784 https://t.co/JSQRN7cgXF http://seclist.us/malware-jail-sandbox-for-semi-automatic-javascript-malware-analysis-and-payload-extraction.html https://twitter.com/cyb3rops/status/693171520877809664 https://t.co/1c2aY6K0IV http://blog.politoinc.com/2016/01/burpsuite-yara-plugin/ https://twitter.com/cyb3rops/status/693160139902312448 https://t.co/ayTOLi9imE https://securelist.com/blog/research/73503/from-linux-to-windows-new-family-of-cross-platform-desktop-backdoors-discovered/ https://twitter.com/cyb3rops/status/693140240081522689 https://t.co/Qye2Y28p5a https://technet.microsoft.com/en-us/library/ee857087.aspx https://twitter.com/cyb3rops/status/693060752811429888 https://twitter.com/cyb3rops/status/693058996719194112 https://t.co/ZxI5sCNYqJ http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-rv220 https://twitter.com/cyb3rops/status/693056245717188609 https://t.co/GJeRsRlRod https://www.insinuator.net/2016/01/die/ https://twitter.com/cyb3rops/status/692814037483126785 https://t.co/8ceE7rq8Ob https://securelist.com/blog/research/73440/blackenergy-apt-attacks-in-ukraine-employ-spearphishing-with-word-documents/ https://twitter.com/cyb3rops/status/692811432094744576 https://t.co/oAGjTlbM6T http://blog.virustotal.com/2016/01/putting-spotlight-on-firmware-malware_27.html?m=1 https://twitter.com/cyb3rops/status/692809442446962693 
https://twitter.com/cyb3rops/status/692808673752694788 https://t.co/8ftu1Maft6 https://manalyzer.org/ https://twitter.com/cyb3rops/status/692807820102778881 https://t.co/bPvzIWRRrD https://www.shellandco.net/fail2ban-gui/ https://twitter.com/cyb3rops/status/692806646398107648 https://t.co/HRjOvqBBuJ http://arstechnica.com/security/2016/01/high-severity-bug-in-openssl-allows-attackers-to-decrypt-https-traffic/ https://twitter.com/cyb3rops/status/692772065217216512 https://t.co/k3gxYBCoZt http://seclist.us/climber-check-unixlinux-systems-for-privilege-escalation.html https://twitter.com/cyb3rops/status/692696909862039552 https://twitter.com/cyb3rops/status/692689379039559680 https://twitter.com/cyb3rops/status/692674598765248512 https://t.co/b94Y1ZHcEj http://microsoft-news.com/microsoft-releases-new-tool-policy-analyzer/ https://twitter.com/cyb3rops/status/692609137063137280 https://t.co/6LToPRllsT http://blog.erratasec.com/2016/01/net-ring-buffers-are-essential-to-os.html https://twitter.com/cyb3rops/status/692606552281354240 https://t.co/89JIAxCgc4 http://seclist.us/metasploit-modules-to-perform-sharepoint-misconfiguration-exploitation.html https://twitter.com/cyb3rops/status/692602658201452544 https://t.co/l6roGhkKwQ http://arstechnica.com/information-technology/2016/01/oracle-deprecates-the-java-browser-plugin-prepares-for-its-demise/ https://twitter.com/cyb3rops/status/692464372761903105 https://twitter.com/cyb3rops/status/692463881743110152 https://twitter.com/cyb3rops/status/692463538800070659 https://t.co/2Q2Yc0WuNX https://adsecurity.org/?p=2535 https://twitter.com/cyb3rops/status/692461629024370688 https://t.co/w56iiPoHdF http://seclist.us/ysoserial-v-0-0-3-a-proof-of-concept-tool-for-generating-payloads-that-exploit-unsafe-java-object-deserialization.html https://twitter.com/cyb3rops/status/692406884788277249 https://t.co/oaKY5inFgc http://blog.portswigger.net/2016/01/xss-without-html-client-side-template.html 
https://twitter.com/cyb3rops/status/692405566812110848 https://t.co/psj5EK4QpI http://blogs.cisco.com/security/talos/miniupnp-protection https://twitter.com/cyb3rops/status/692404143714111488 https://t.co/WN88azRJap https://www.stamus-networks.com/open-source/ https://twitter.com/cyb3rops/status/692277801274208256 https://t.co/0eeg4bL0rN http://arstechnica.com/security/2016/01/israels-electric-grid-hit-by-severe-hack-attack/ https://twitter.com/cyb3rops/status/692274497320325120 https://twitter.com/cyb3rops/status/692128209039683586 https://t.co/twTdtGvhCL http://www.davidegrayson.com/signing/ https://twitter.com/cyb3rops/status/692051684877582336 https://t.co/1vALh8euZm http://arstechnica.com/tech-policy/2016/01/moment-of-truth-feds-must-say-if-they-used-backdoored-juniper-firewalls/ https://twitter.com/cyb3rops/status/691897546726318080 https://t.co/4MwyziWiL9 https://t.co/zWk6uJszIA http://NYTimes.com http://mobile.nytimes.com/2016/01/26/business/marvin-minsky-pioneer-in-artificial-intelligence-dies-at-88.html?smid=tw-nytimes&smtyp=cur&_r=0&referer=https://t.co/izmIrqDN3j https://twitter.com/cyb3rops/status/691882589376872449 https://t.co/Jv1V6kpgFR http://arstechnica.com/security/2016/01/bug-in-magento-puts-millions-of-e-commerce-merchants-at-risk-of-takeover/ https://twitter.com/cyb3rops/status/691882503875989504 https://t.co/I6TbakFwSN https://blog.hboeck.de/archives/879-Safer-use-of-C-code-running-Gentoo-with-Address-Sanitizer.html https://twitter.com/cyb3rops/status/691882277731733505 https://t.co/d4eRYvP6wA http://seclist.us/tater-is-a-powershell-implementation-of-the-hot-potato-windows-privilege-escalation-exploit.html https://twitter.com/cyb3rops/status/691882150908530688 https://t.co/fbhwgS5Yq0 http://blog.jpcert.or.jp/2016/01/windows-commands-abused-by-attackers.html https://twitter.com/cyb3rops/status/691736525302816768 https://t.co/aFgwIEna1N http://feedproxy.google.com/~r/darknethackers/~3/-YuMm22Tv48/ 
https://twitter.com/cyb3rops/status/691646162785406976 https://t.co/GalsoYk0v2 https://www.schneier.com/blog/archives/2016/01/shodan_lets_you.html https://twitter.com/cyb3rops/status/691543157167788032 https://t.co/3O3CfZ2BGC http://seclist.us/arpon-arp-handler-inspection-v3-0-ng-released.html https://twitter.com/cyb3rops/status/691519248829648896 https://t.co/3AYeqAL6sk https://isc.sans.edu/diary.html?storyid=20645&rss https://twitter.com/cyb3rops/status/691516716912877572 https://t.co/QKPaGYOtxa http://researchcenter.paloaltonetworks.com/2016/01/scarlet-mimic-years-long-espionage-targets-minority-activists/ https://twitter.com/cyb3rops/status/691066049303830529 https://t.co/UVKzez8vGP https://github.com/Cn33liz/p0wnedShell/blob/master/README.md https://twitter.com/cyb3rops/status/691053760899063808 https://t.co/Tu5gClvm3W http://blog.kiddaland.net/2016/01/sprinkling-morning-dew-and-summer.html?m=1 https://twitter.com/cyb3rops/status/690863339807838208 https://twitter.com/cyb3rops/status/690833886419533825 https://twitter.com/cyb3rops/status/690831998118707200 https://t.co/4W2GG1IT57 https://Github.com/themattrix/bash-concurrent/blob/master/README.md https://twitter.com/cyb3rops/status/690830843057684480 https://t.co/MHqH4yylPS http://www.crowdstrike.com/blog/the-importance-of-logs/ https://twitter.com/cyb3rops/status/690828477407346688 https://t.co/fq9RnO5Y68 http://www.amazon.com/dp/184719494X/ https://twitter.com/cyb3rops/status/690825483466981376 https://t.co/rfHfujsA9I https://www.syncfusion.com/resources/techportal/ebooks https://twitter.com/cyb3rops/status/690647376453828610 https://t.co/e7S3dc52nM https://isc.sans.edu/diary.html?storyid=20639&rss https://twitter.com/cyb3rops/status/690646913289445376 https://t.co/f3NszO8mfu http://seclist.us/sftpfuzzer-simple-ftp-fuzzer.html https://twitter.com/cyb3rops/status/690646711396651008 https://t.co/HpRO3iNqi3 
http://blog.malwarebytes.org/security-threat/2016/01/trojan-dnschanger-circumvents-powershell-restrictions/ https://twitter.com/cyb3rops/status/690646086092988416 https://t.co/ahFOaFJZrE https://www.damballa.com/threat-actors-use-sketchy-dating-website-to-launch-new-home-router-attacks/ https://twitter.com/cyb3rops/status/690643950479265793 https://t.co/NQjrkfPJhA https://www.schneier.com/blog/archives/2016/01/uk_government_p.html https://twitter.com/cyb3rops/status/690643796443422720 https://t.co/gj2D6HvNjn http://arstechnica.com/security/2016/01/secret-ssh-backdoor-in-fortinet-hardware-found-in-more-products/ https://twitter.com/cyb3rops/status/690613897510965248 https://twitter.com/cyb3rops/status/690604648915456000 https://t.co/8qXHnCXK0n https://www.virustotal.com/en/file/a77eb9a58f3ee09d9ab81f9a0dd42aacf01f1c779eb341f88f16b58883b54321/analysis/1453487501/ https://twitter.com/cyb3rops/status/690600451226607616 https://twitter.com/cyb3rops/status/690510468784472064 https://twitter.com/cyb3rops/status/690253876147134464 https://t.co/JosN8nqarE http://arstechnica.com/security/2016/01/media-devices-sold-to-feds-have-hidden-backdoor-with-sniffing-functions/ https://twitter.com/cyb3rops/status/690207402805874688 https://t.co/PuSrovHbQ6 https://cuckoosandbox.org/2016-01-21-cuckoo-sandbox-20-rc1.html https://twitter.com/cyb3rops/status/690112345557856256 https://t.co/EItmxqqZ0j https://www.cert.be/submit-or-report-incident https://twitter.com/cyb3rops/status/690111833227841537 https://twitter.com/cyb3rops/status/690111107005091840 https://twitter.com/cyb3rops/status/690091643291226112 https://twitter.com/cyb3rops/status/690067614668746752 https://t.co/aQvmvcX8I2 http://arstechnica.com/security/2016/01/ios-cookie-theft-bug-allowed-hackers-to-impersonate-users/ https://twitter.com/cyb3rops/status/690067266411614208 https://t.co/86Moc7tP1P http://seclist.us/searchsploit-exploit-database-in-windows-version.html https://twitter.com/cyb3rops/status/689917114476552192 
https://t.co/eEq1W631Sm https://wiki.python.org/moin/PythonSpeed/PerformanceTips https://twitter.com/cyb3rops/status/689873847458402304 https://t.co/4d6bUuju71 http://arstechnica.com/tech-policy/2016/01/phone-crypto-scheme-facilitates-undetectable-mass-surveillance/ https://twitter.com/cyb3rops/status/689847463851749377 https://t.co/0m1fjYjwYA http://seclist.us/ssh-keyscanner-search-shodan-for-a-given-ssh-hostkey-fingerprint.html https://twitter.com/cyb3rops/status/689847080324579328 https://t.co/scSkddaAcg http://seclist.us/crowbar-v3-4-is-a-brute-force-tool-which-is-support-openvpn-rdp-sshkey-vnckey.html https://twitter.com/cyb3rops/status/689846604392763392 https://t.co/7j9GwKfMtk https://securelist.com/blog/research/73211/the-asacub-trojan-from-spyware-to-banking-malware/ https://twitter.com/cyb3rops/status/689839836342038529 https://t.co/H5MfdaIPFJ http://la.trendmicro.com/media/misc/understanding-wmi-malware-research-paper-en.pdf https://twitter.com/cyb3rops/status/689825585443573760 https://t.co/64HfoY1D5x http://blog.cylance.com/puttering-into-the-future https://twitter.com/cyb3rops/status/689599245758894084 https://t.co/O6hBq1jC8d http://phishme.com/dridex-pony-and-neutrinooh-my/ https://twitter.com/cyb3rops/status/689598736092250112 https://t.co/fNNWcAA85O http://seclist.us/gladius-easy-mode-from-responder-to-credentials.html https://twitter.com/cyb3rops/status/689584441484808192 https://t.co/iE635DuVVR https://github.com/Neo23x0/Loki/blob/master/iocs/filename-iocs.txt#L1215 https://twitter.com/cyb3rops/status/689559156819410944 https://t.co/l8V9Fk5VKE http://windowsir.blogspot.com/2016/01/more-registry-fun.html https://twitter.com/cyb3rops/status/689559076070690816 https://t.co/hSOXtq99wW http://arstechnica.com/security/2016/01/linux-bug-imperils-tens-of-millions-of-pcs-servers-and-android-phones/ https://twitter.com/cyb3rops/status/689558304574537729 https://t.co/9PI5DrjqD1 https://www.schneier.com/blog/archives/2016/01/reverse-enginee_1.html 
https://twitter.com/cyb3rops/status/689477462976102401 https://t.co/SxdQS6wLnS https://www.cs.ox.ac.uk/files/6487/pwvault.pdf https://twitter.com/cyb3rops/status/689471491067494404 https://t.co/sacHzgTw8r https://docs.google.com/spreadsheets/d/17pSTDNpa0sf6pHeRhusvWG6rThciE8CsXTSlDUAZDyo/ https://twitter.com/cyb3rops/status/689454808600739840 https://t.co/3RgV57fIrG http://feeds.feedblitz.com/~/133626561/0/recordedfuture~Threat-Intelligence-and-SIEM-Part-%e2%80%94-Reactive-Security/ https://twitter.com/cyb3rops/status/689359058193797120 https://t.co/VVqnGnteb3 https://github.com/Neo23x0/Loki https://twitter.com/cyb3rops/status/689139902882119680 https://t.co/87y6eosnJL https://www.concise-courses.com/security/conferences-top-ten-must-go-to/ https://twitter.com/cyb3rops/status/689138393121427456 https://t.co/vI2ETnGk4l http://feedproxy.google.com/~r/infosecResources/~3/ELdhJ8XgRxA/ https://twitter.com/cyb3rops/status/689137546241159168 https://t.co/GJgQXRGnGr https://securelist.com/blog/research/73305/targeted-mobile-implants-in-the-age-of-cyber-espionage/ https://twitter.com/cyb3rops/status/689136837324107776 https://t.co/oHMf0crGC8 https://t.co/oMKifHioQh http://netboot.xyz https://github.com/antonym/netboot.xyz https://twitter.com/cyb3rops/status/689127878697611265 https://t.co/mzdPZZYS7K https://github.com/hfiref0x/ZeroAccess https://twitter.com/cyb3rops/status/689115098003066881 https://t.co/298qXHOoY6 https://t.co/Sc6CyzlmqW https://www.bsk-consulting.de/2015/03/21/detect-system-file-manipulations-with-sysinternals-sysmon/ https://www.scribd.com/doc/294850547/Windows-Security-Monitoring-Special-Evaluations https://twitter.com/cyb3rops/status/689011563018219521 https://t.co/SGbFGKSy1u http://seclist.us/jreframeworker-v1-1-1-a-practical-tool-for-creating-managed-code-rootkits-mcrs-in-the-java-runtime-environment.html https://twitter.com/cyb3rops/status/689011121051840512 https://t.co/krssqWY6ty https://github.com/lukasmartinelli/py14/blob/master/README.md 
https://twitter.com/cyb3rops/status/688991832097845249 https://t.co/YlxTINgG5f https://github.com/certsocietegenerale/FIR/blob/master/README.md https://twitter.com/cyb3rops/status/688793547877822464 https://t.co/CmY9V0sdLx http://rocknsm.io/ https://twitter.com/cyb3rops/status/688708877190348801 https://t.co/J2jaUk5OVh https://github.com/cxxr/lostpass https://twitter.com/cyb3rops/status/688655314061758464 https://t.co/sZjvVtjxgH http://seclist.us/venom-sh-v1-0-8-stable-released-msfvenom-shellcode-generatorcompilerlistenner.html https://twitter.com/cyb3rops/status/688511567525183488 https://t.co/GSwhKOCkoq https://chocolatey.org/ https://twitter.com/cyb3rops/status/688476244275494912 https://t.co/mW6VBVCIJw http://seclist.us/potato-windows-privilege-escalation-through-ntlm-relay-and-nbns-spoofing.html https://twitter.com/cyb3rops/status/688446745186013185 https://t.co/iG84hKvL2a https://github.com/DynamoRIO/drmemory https://twitter.com/cyb3rops/status/688328447014363136 https://twitter.com/cyb3rops/status/688312968531030016 https://t.co/d5Bjin3bMc http://toshellandback.com/2015/11/24/ms-priv-esc/ https://twitter.com/cyb3rops/status/688280350448062464 https://t.co/DEMOqxB1jg http://seclist.us/east-v0-9-6-exploits-and-security-tools-framework.html https://twitter.com/cyb3rops/status/688103266211594240 https://t.co/jZetkkZBiV http://arstechnica.com/security/2016/01/security-firm-sued-for-filing-woefully-inadequate-forensics-report/ https://twitter.com/cyb3rops/status/688090488516284417 https://t.co/caEmCl6L6K http://feedproxy.google.com/~r/darknethackers/~3/47qAUe3__OY/ https://twitter.com/cyb3rops/status/688050989346217985 https://t.co/YeVvlWvWdV https://t.co/Xyn0YXMaNp http://ASP.NET http://seclist.us/padding-oracle-attack-against-asp-net.html https://twitter.com/cyb3rops/status/688025563789942789 https://t.co/4OD0e2MoAI https://t.co/0X5MeokldL https://github.com/g0tmi1k/exe2hex https://github.com/Neo23x0/Loki/blob/master/signatures/generic_exe2hex_payload.yar 
https://twitter.com/cyb3rops/status/688010864255983616 https://t.co/6tAdXysM0P https://github.com/Neo23x0/yarAnalyzer/ https://twitter.com/cyb3rops/status/687990534606991360 https://t.co/Xr8mhVZ4VZ http://toshellandback.com/2015/11/24/%20ms-priv-esc/ https://twitter.com/cyb3rops/status/687748815600922625 https://t.co/Kf1TCTCXxt http://seclist.us/smod-modbus-penetration-testing-framework.html https://twitter.com/cyb3rops/status/687748597736157184 https://t.co/70BQwG1hrr https://blogs.mcafee.com/mcafee-labs/updated-blackenergy-trojan-grows-more-powerful/ https://twitter.com/cyb3rops/status/687748269586419713 https://t.co/oaRymp9CH2 https://github.com/RPISEC/Malware/blob/master/README.md https://twitter.com/cyb3rops/status/687741616027774978 https://t.co/NzRzBH1g54 http://seclist.us/mts-is-a-opensource-multi-protocol-tester-for-ip-based-protocol.html https://twitter.com/cyb3rops/status/687660549400821760 https://t.co/hvtZJzMM6v http://www.mail-archive.com/misc@openbsd.org/msg144351.html https://twitter.com/cyb3rops/status/687652237288587264 https://t.co/Yy8Xkcebmr https://docs.google.com/spreadsheets/d/17pSTDNpa0sf6pHeRhusvWG6rThciE8CsXTSlDUAZDyo https://twitter.com/cyb3rops/status/687612326992842752 https://t.co/ciiDTtKLCt https://twitter.com/netsurion/status/529714792437919745 https://twitter.com/cyb3rops/status/687593109836959744 https://t.co/pZuW3dfBXI http://securityblog.gr/3174/exploit-local-and-remote-file-inclusion/ https://twitter.com/cyb3rops/status/687589463028011008 https://t.co/iMD0SjhbcQ http://rubular.com/r/FRoObXn9Kx https://twitter.com/cyb3rops/status/687544754716938241 https://t.co/UgGYX4cgep http://blog.malwarebytes.org/security-threat/2016/01/when-url-shorteners-and-ransomware-collide/ https://twitter.com/cyb3rops/status/687418925160726529 https://t.co/6oJiDkItVM http://seclist.us/doork-is-an-open-source-passive-vulnerability-auditor-tool.html https://twitter.com/cyb3rops/status/687357406477742080 https://t.co/EXV0xehQtx 
https://code.google.com/p/google-security-research/issues/detail?id=693 https://twitter.com/cyb3rops/status/687351353878933504 https://t.co/pufos2718a https://twitter.com/_fel1x/status/687331548320894976 https://twitter.com/cyb3rops/status/687350117452627972 https://t.co/YGPJdxR2ON https://twitter.com/chrisdoman/status/687314698535067648 https://twitter.com/cyb3rops/status/687347820567916544 https://t.co/EvyRwiMAam http://www.pentest.guru/index.php/2016/01/13/zoomeye-the-valid-iot-search-engine-you-never-heard-of/ https://twitter.com/cyb3rops/status/687345998927114240 https://t.co/4voLPRhTAi http://www.fireeye.com/blog/threat-research/2016/01/slembunk-part-two.html https://twitter.com/cyb3rops/status/687319680680390657 https://t.co/l23KF8Bviq http://baesystemsai.blogspot.com/2013/11/security-issues-with-using-phps.html https://twitter.com/cyb3rops/status/687319208926015490 https://t.co/cC3jSqjetx https://blog.cloudflare.com/flexible-secure-ssh-with-dnssec/ https://twitter.com/cyb3rops/status/687315237129814016 https://t.co/OhVStWtDUa http://feedproxy.google.com/~r/eset/blog/~3/Hl9h18uu_5E/ https://twitter.com/cyb3rops/status/687314925895692288 https://t.co/daFIQBNnCK http://arstechnica.com/security/2016/01/us-intelligence-directors-personal-e-mail-phone-hacked/ https://twitter.com/cyb3rops/status/687171430262398976 https://t.co/cUQ3zCoPtf http://arstechnica.com/security/2016/01/et-tu-fortinet-hard-coded-password-raises-new-backdoor-eavesdropping-fears/ https://twitter.com/cyb3rops/status/687170340737257472 https://t.co/FV556mEJxs http://seclist.us/crisp-sh-v1-0-7-msfvenom-shellcode-generatorcompilerlistenner.html https://twitter.com/cyb3rops/status/687170155105927168 https://t.co/y6QQC0fpKK http://seclist.us/gophish-v0-1-alpha-open-source-phishing-toolkit.html https://twitter.com/cyb3rops/status/686901786167390208 https://t.co/LlHbyVc7Np https://www.biostars.org/p/63816/ https://twitter.com/cyb3rops/status/686811334130937856 https://t.co/6wOhN7kPv4 
https://support.microsoft.com/en-us/lifecycle#gp/Microsoft-Internet-Explorer https://twitter.com/cyb3rops/status/686809725619585024 https://t.co/3z9Vb3U6nA http://seclist.us/updates-nosqlmap-automated-mongo-database-and-nosql-web-application-exploitation-tool.html https://twitter.com/cyb3rops/status/686691065626259459 https://t.co/XLyktKvHTt http://blog.malwarebytes.org/intelligence/2016/01/ransom32-look-at-the-malicious-package/ https://twitter.com/cyb3rops/status/686616852164907009 https://t.co/t38zhB2GyN http://feedproxy.google.com/~r/darknethackers/~3/XgaGzgSN1IQ/ https://twitter.com/cyb3rops/status/686606482452918272 https://t.co/1pvv5esPHt https://github.com/nikicat/web-malware-collection https://twitter.com/cyb3rops/status/686578372512624640 https://t.co/KJNYT9SScV https://t.co/GOeQbFAPtc http://Redditshell.com https://redditshell.com https://twitter.com/cyb3rops/status/686443685450510336 https://t.co/zBEX3ZAAjn https://www.serverdensity.com/appletv/?ref=producthunt https://twitter.com/cyb3rops/status/686440383069466624 https://t.co/0cgPLFUlPC http://seclist.us/lynis-v-2-1-8-is-a-system-and-security-auditing-tool-for-unixlinux.html https://twitter.com/cyb3rops/status/686440008262107136 https://t.co/M3676Hp8PI http://seclist.us/0d1n-v2-0-beta-is-a-tool-for-automating-customized-attacks-against-web-applications.html https://twitter.com/cyb3rops/status/686343836386344960 https://t.co/H0hU10xBY5 http://krakenrider.blogspot.de/2015/11/a-fail.html https://twitter.com/cyb3rops/status/686277703616577536 https://t.co/TTbElKUfXB http://arstechnica.com/security/2016/01/juniper-drops-nsa-developed-code-following-new-backdoor-revelations/ https://twitter.com/cyb3rops/status/686224346726174720 https://t.co/1Oq7W51VKU https://analytics.twitter.com/user/netbiosX/home https://twitter.com/cyb3rops/status/686200910389751809 https://t.co/vQpIgOCmz1 http://cmd.to/ https://twitter.com/cyb3rops/status/686134730258014212 https://t.co/4YvyYIyPif 
https://mobile.twitter.com/Cyb3rOps/status/654007404649050112 https://twitter.com/cyb3rops/status/686134316750008320 https://t.co/i6ia3WuQhk https://www.theobjectivestandard.com/issues/2008-winter/net-neutrality/ https://twitter.com/cyb3rops/status/686130062442246144 https://t.co/nlMRHeuAph https://github.com/pyinstaller/pyinstaller/releases/tag/v3.1 https://twitter.com/cyb3rops/status/686110404314005504 https://t.co/90v9DEsHNQ http://www.kahusecurity.com/2016/javascript-deobfuscator-updated-2/ https://twitter.com/cyb3rops/status/685952530812121088 https://t.co/oVx4Hu4a3J https://github.com/mschultheiss/Noisecrypt https://twitter.com/cyb3rops/status/685946229155577856 https://t.co/bbHKwm9rmX https://github.com/mbachry/exxo https://twitter.com/cyb3rops/status/685898564258672640 https://t.co/EF6W7IvPFV https://transfer.sh/ https://twitter.com/cyb3rops/status/685892511018147840 https://t.co/1qBzjAuU7b https://github.com/Eriner/zim/blob/master/README.md https://twitter.com/cyb3rops/status/685891800104611840 https://t.co/EFCZBcOB0t http://seclist.us/horus-is-a-security-framework-for-pentesting-android-apps.html https://twitter.com/cyb3rops/status/685890321356570625 https://t.co/brxFt866cj https://github.com/SAMLRaider/SAMLRaider/blob/master/README.md https://twitter.com/cyb3rops/status/685840728434544640 https://t.co/vavEl2AHPO https://t.co/BZVLOYdq3X http://www.decalage.info/exefilter https://twitter.com/decalage2/status/685839916635451392 https://twitter.com/cyb3rops/status/685764084445364224 https://t.co/7nxoKsYM6W http://roscidus.com/blog/blog/2016/01/01/a-unikernel-firewall-for-qubesos/ https://twitter.com/cyb3rops/status/685754140136484864 https://t.co/S1P1bRgUK1 https://isc.sans.edu/diary.html?storyid=20593&rss https://twitter.com/cyb3rops/status/685745129567694849 https://t.co/oiWodMzuRI https://twitter.com/PayloadSecurity/status/685592145630228480 https://twitter.com/cyb3rops/status/685631528509009920 https://t.co/943w5oXny6 
https://github.com/vektorlab/slackcat https://twitter.com/cyb3rops/status/685631177756127233 https://t.co/jOxwDc7vQw http://seclist.us/joy-a-package-for-capturing-and-analyzing-for-network-research-forensics-security-monitoring.html https://twitter.com/cyb3rops/status/685483610531467265 https://t.co/OqP5kj4ZoU https://t.co/BiXgDOmsmH https://github.com/pellegre/libcrafter https://github.com/pellegre/libcrafter-examples https://twitter.com/cyb3rops/status/685474063855304705 https://t.co/GEgr6EwwCI https://github.com/lukasmartinelli/nigit/blob/master/README.md https://twitter.com/cyb3rops/status/685452646619197440 https://t.co/M3qez7jypa https://t.co/cXjBouqw0Y https://www.bsk-consulting.de/neologger-windows-syslog-logger-tool/ http://www.bsk-consulting.de/download/neolog_0.8.1_collection.zip https://twitter.com/cyb3rops/status/685371288609751041 https://t.co/0zRGasTaxj https://github.com/RUB-NDS/OpenID-Attacker?platform=hootsuite https://twitter.com/cyb3rops/status/685330132152795136 https://t.co/em0iHJLJoE http://seclist.us/east-exploits-and-security-tools-framework.html https://twitter.com/cyb3rops/status/685243190564241408 https://t.co/Cm6ms2V8aO http://www.fireeye.com/blog/threat-research/2015/12/flare_script_series.html https://twitter.com/cyb3rops/status/685240778394865664 https://t.co/Sc6Cyz3Lzo https://www.scribd.com/doc/294850547/Windows-Security-Monitoring-Special-Evaluations https://twitter.com/cyb3rops/status/685208159057743872 https://t.co/yiEwEduOvG http://arstechnica.com/security/2016/01/malicious-apps-in-google-play-made-unauthorized-downloads-sought-root/ https://twitter.com/cyb3rops/status/685207993147899904 https://t.co/MlstOP1TSD http://seclist.us/stenographer-is-a-full-packet-capture-for-intrusion-detectionincident-response-purposes.html https://twitter.com/cyb3rops/status/685192587246985216 https://t.co/st1x2XzX2B https://twitter.com/jgrunzweig/status/684790351039606784 https://twitter.com/cyb3rops/status/685191015867793409 
https://t.co/AMZTmSkhdw http://blog.malwarebytes.org/fraud-scam/2016/01/clickjacking-campaign-plays-on-european-cookie-law/ https://twitter.com/cyb3rops/status/685143893503901696 https://t.co/dLZXgsbs7n https://github.com/edix/LoadDll/blob/master/README.md https://twitter.com/cyb3rops/status/685129303454015488 https://t.co/niellsQH9s http://seclist.us/v3n0m-v4-0-1-a-tool-to-automate-mass-sqli-d0rk-scanner.html https://twitter.com/cyb3rops/status/685129182473535489 https://t.co/h6hOFA1V1V http://feedproxy.google.com/~r/Vrt/~3/XXgxWa_-afg/rigging-compromise.html https://twitter.com/cyb3rops/status/685079059341164544 https://twitter.com/cyb3rops/status/685078480963375105 https://t.co/acmSg9HkHi http://www.darkoperator.com/blog/2014/8/8/sysinternals-sysmon https://twitter.com/cyb3rops/status/685061766498402307 https://twitter.com/cyb3rops/status/685010211766202368 https://twitter.com/cyb3rops/status/685006556883226624 https://t.co/hFaaW8WmHf http://goo.gl/VbgZLO https://twitter.com/cyb3rops/status/685001341345902592 https://t.co/M6QPFPxVy4 https://twitter.com/mniemietz/status/684800767027474432 https://twitter.com/cyb3rops/status/685000649226989569 https://t.co/6bmDdGQY9V https://twitter.com/r00tbsd/status/684825755029794816 https://twitter.com/cyb3rops/status/684999922408636416 https://t.co/sdhvZNKPLs http://blog.didierstevens.com/2016/01/07/blackenergy-xls-dropper/ https://twitter.com/cyb3rops/status/684882553082384386 https://t.co/qpManoJ3yd http://nxlog.org/ https://twitter.com/cyb3rops/status/684881314475032576 https://t.co/kQdAkuJmDG http://feedproxy.google.com/~r/PaloAltoNetworks/~3/QIm-uOypK4M/ https://twitter.com/cyb3rops/status/684825802672832513 https://t.co/w6iPhMWn1C https://github.com/rfjakob/gocryptfs https://twitter.com/cyb3rops/status/684792225709031424 https://t.co/wBM130frFr http://feedproxy.google.com/~r/zscaler/research/~3/7Dz8bGWb8ZY/yet-another-signed-malware-spymel.html https://twitter.com/cyb3rops/status/684766405808394240 
https://t.co/IegdcNgi8K https://github.com/idanr1986/cuckoo-droid https://twitter.com/cyb3rops/status/684732028454060032 https://t.co/1YGUjFHUPN http://www.toolswatch.org/2016/01/bluto-v1-1-14-passive-recon-tool/ https://twitter.com/cyb3rops/status/684656336131473408 https://t.co/E8k43ovtBj http://seclist.us/arp-spoof-arp-spoofing-tool-written-in-rust-language.html https://twitter.com/cyb3rops/status/684655977451401216 https://t.co/PPtBDbjcIB https://adsecurity.org/?p=2495 https://twitter.com/cyb3rops/status/684495273100472326 https://t.co/M2hms57cHa https://www.schneier.com/blog/archives/2016/01/nsa_spies_on_is.html https://twitter.com/cyb3rops/status/684494072594194433 https://t.co/fY5NzVpISx http://holisticinfosec.blogspot.com/2016/01/toolsmith-112-red-vs-blue-powersploit.html https://twitter.com/cyb3rops/status/684493875776503808 https://t.co/1YQQ1g6dSl http://arstechnica.com/security/2016/01/comcast-security-flaw-could-help-burglars-break-into-homes-undetected/ https://twitter.com/cyb3rops/status/684467229681946624 https://t.co/OViDJfHRu1 http://blogs.technet.com/b/sysinternals/archive/2016/01/05/update-sigcheck-v2-4-sysmon-v3-2-process-explorer-v16-1-autoruns-v13-51-accesschk-v6-01.aspx https://twitter.com/cyb3rops/status/684404019268198400 https://t.co/GgsosxixHG https://github.com/anmoljagetia/Flatabulous/blob/master/README.md https://twitter.com/cyb3rops/status/684344185319780352 https://t.co/cHMafJvBky http://feedproxy.google.com/~r/HelpNetSecurity/~3/uFVYxF2LLRA/secworld.php https://twitter.com/cyb3rops/status/684299781448007680 https://t.co/cW6pm7xcOc https://theintercept.com/2016/01/04/a-redaction-re-visited-nsa-targeted-the-two-leading-encryption-chips/ https://twitter.com/cyb3rops/status/684292677148491776 https://t.co/EoRUgtZH5N https://github.com/lukasmartinelli/pipecat https://twitter.com/cyb3rops/status/684088640675409924 https://t.co/HsB66fpqDp https://github.com/GDSSecurity/EvilAbigail/blob/master/README.md 
https://twitter.com/cyb3rops/status/684072173510635521 https://t.co/z3QvVhQtE6 http://feedproxy.google.com/~r/PaloAltoNetworks/~3/QvDCXczELC0/ https://twitter.com/cyb3rops/status/684026558076436480 https://t.co/z2Mm2qId58 http://eo.oe.kiwi https://twitter.com/cyb3rops/status/683958015633035264 https://t.co/fxVFkeV8Og http://feedproxy.google.com/~r/HelpNetSecurity/~3/URK5iY-rV7Q/secworld.php https://twitter.com/cyb3rops/status/683957350173130752 https://t.co/bxVH1TZVA7 http://seclist.us/fire-custom-lkm-firewall-passes-packets-to-userland-python-script.html https://twitter.com/cyb3rops/status/683950118899433472 https://t.co/u8pKqq1lni https://www.virustotal.com/en/file/a77eb9a58f3ee09d9ab81f9a0dd42aacf01f1c779eb341f88f16b58883b54321/analysis/ https://twitter.com/cyb3rops/status/683945611935244288 https://t.co/Gih1cYKVjf https://github.com/Neo23x0/Loki/blob/master/signatures/apt_blackenergy.yar https://twitter.com/cyb3rops/status/683940741152903169 https://t.co/kXYRxe2CLL https://objective-see.com/products/taskexplorer.html https://twitter.com/cyb3rops/status/683771509719064576 https://t.co/lxYYDaoram http://blog.emsisoft.com/2016/01/01/meet-ransom32-the-first-javascript-ransomware/ https://twitter.com/cyb3rops/status/683771179010777088 https://t.co/iTOp9gNigp http://seclist.us/nosqlattack-automate-some-attacks-against-nosql-backed-web-applications.html https://twitter.com/cyb3rops/status/683762742818422784 https://t.co/MTI9nZe0Sy https://github.com/viper-framework/viper/blob/master/README.md https://twitter.com/cyb3rops/status/683751157907505152 https://twitter.com/cyb3rops/status/683712567877959680 https://t.co/ry8sLIY0f3 https://adsecurity.org/?p=2398 https://twitter.com/cyb3rops/status/683712313719975936 https://t.co/PNaVsxkP5g http://seclist.us/penbox-pentesting-tools-auto-downloader-script.html https://twitter.com/cyb3rops/status/683679244384247808 https://t.co/QxVMlswcHK https://github.com/pavel-odintsov/fastnetmon 
https://twitter.com/cyb3rops/status/683626413191135232 https://t.co/KGWwrckC77 https://www.pwnieexpress.com/bypassing-hsts-ssl-with-the-mana-toolkit/ https://twitter.com/cyb3rops/status/683618859446738951 https://t.co/fnAjfkR2va https://github.com/isra17/CryptBackdoor https://twitter.com/cyb3rops/status/683608039031726081 https://t.co/LRU7CwPI4I https://github.com/JBakamovic/yavide/blob/master/README.markdown https://twitter.com/cyb3rops/status/683585506836373504 https://t.co/zjKdwd1PmB https://github.com/Neo23x0/Loki/blob/master/signatures/apt_emissary.yar https://twitter.com/cyb3rops/status/683533684448837632 https://t.co/YGcaM2PDob http://seclist.us/zizzania-automated-deauth-attack.html https://twitter.com/cyb3rops/status/683533316449038337 https://t.co/my5iO8QQXI http://feedproxy.google.com/~r/eset/blog/~3/BXJbnGSvEFc/ https://twitter.com/cyb3rops/status/683406198121586688 https://t.co/dDOe8oLAYE http://researchcenter.paloaltonetworks.com/2015/12/attack-on-french-diplomat-linked-to-operation-lotus-blossom/ https://twitter.com/cyb3rops/status/683378137955201024 https://t.co/nb3vpIaRZo https://community.rapid7.com/community/infosec/blog/2015/12/26/advanced-persistant-mfp https://twitter.com/cyb3rops/status/683377128906342400 https://t.co/1YhufsZQ0H http://calendar.perfplanet.com/2015/new-years-diet-brotli-compression/ https://twitter.com/cyb3rops/status/683286692481007616 https://t.co/ppk4L910f5 https://github.com/nccgroup/cisco-SNMP-enumeration https://twitter.com/cyb3rops/status/683284862225223680 https://t.co/dAjeq6eCxr http://tkeetch.co.uk/blog/?p=58 https://twitter.com/cyb3rops/status/683257601958756352 https://t.co/CxRLTzXZXa http://www.threatglass.com/ https://twitter.com/cyb3rops/status/683082938095894528 https://t.co/aPxOZvSFUV https://adsecurity.org/?p=2362 https://twitter.com/cyb3rops/status/683007318775083008 https://t.co/lW4QE3mZyG https://github.com/PatrolServer/bashscanner https://twitter.com/cyb3rops/status/682954548487434240 
https://t.co/C3bmSthX5S https://github.com/kala13x/scap https://twitter.com/cyb3rops/status/682928809860018177 https://t.co/ukdm0zflVM https://twitter.com/JohnLaTwC/status/682351553240403968 https://twitter.com/cyb3rops/status/682849447953448960 https://t.co/hp6cGFCUBL http://seclist.us/sidedoor-is-a-backdoor-using-a-reverse-ssh-tunnel.html https://twitter.com/cyb3rops/status/682773289857495044 https://t.co/mxQiRBk2vC https://github.com/Neo23x0/Fenrir/blob/master/README.md https://twitter.com/cyb3rops/status/682758209958850561 https://t.co/EtwEpvzPEF https://github.com/ctxis/wsuspect-proxy/blob/master/README.md https://twitter.com/cyb3rops/status/682743117502496768 https://t.co/ioeWp4EJ8s https://www.bsk-consulting.de/2015/10/17/how-to-write-simple-but-sound-yara-rules-part-2/ https://twitter.com/cyb3rops/status/682728006725447681 https://t.co/2DfWbmpDzV http://www.greyhathacker.net/?p=738 https://twitter.com/cyb3rops/status/682712915250524160 https://t.co/4K450Si7aX https://github.com/kilianc/rtail/blob/develop/README.md https://twitter.com/cyb3rops/status/682711198035505152 https://twitter.com/cyb3rops/status/682697868314980352 https://t.co/smZF4kalpZ https://bitbucket.org/Ft44k/yavol/ https://twitter.com/cyb3rops/status/682683033053491200 https://twitter.com/cyb3rops/status/682682741020729344 https://twitter.com/cyb3rops/status/682681571422396416 https://t.co/zvvtBmIrc1 http://blog.hackersonlineclub.com/2015/12/flare-dbg-to-aid-malware-reverse.html https://twitter.com/cyb3rops/status/682681199828037632 https://t.co/O2Z8MfTvKL https://adsecurity.org/?p=2293 https://twitter.com/cyb3rops/status/682667610878558214 https://t.co/jpmUfjJwLe https://github.com/tomchop/malcom https://twitter.com/cyb3rops/status/682652523769942016 https://t.co/oVfyiB9hU8 https://github.com/yaronn/wopr/blob/master/README.md https://twitter.com/cyb3rops/status/682643362214707200 https://t.co/bUAXmMJ0AP http://seclist.us/trinity-linux-system-call-fuzzer.html 
https://twitter.com/cyb3rops/status/682637435059089408 https://t.co/9vC8WLCMZh https://github.com/cyrus-and/gdb-dashboard https://twitter.com/cyb3rops/status/682622371648245760 https://t.co/ONRr5xohcw http://blog.checkpoint.com/2015/05/12/the-microsoft-help-file-chm-may-enslave-you/ https://twitter.com/cyb3rops/status/682607309919404032 https://t.co/msFRgCH3VB https://github.com/elceef/dnstwist https://twitter.com/cyb3rops/status/682604652676935680 https://twitter.com/cyb3rops/status/682592180930613248 https://twitter.com/cyb3rops/status/682577293571534848 https://t.co/NFRtEIMJXD http://carlosrafaelgn.com.br/Asm86/index.html https://twitter.com/cyb3rops/status/682546874880950273 https://t.co/LK5J0QQcXX https://www.bsk-consulting.de/2015/03/10/apt-detection-is-about-metadata/ https://twitter.com/cyb3rops/status/682531753349648385 https://t.co/lFV5ZFANUS https://t.co/iO400KI3dV https://t.co/pwVTPjxDyc https://ciphershed.org/ https://veracrypt.codeplex.com/ https://forum.truecrypt.ch/t/veracrypt-or-ciphershed/449 https://twitter.com/cyb3rops/status/682527390111784960 https://twitter.com/cyb3rops/status/682516633798066178 https://t.co/h8uBWzFB0z http://pastebin.com/f0zFCqVN https://twitter.com/cyb3rops/status/682501566276882432 https://twitter.com/cyb3rops/status/682475927947886592 https://t.co/50UtaDfcBt https://github.com/rhysd/NyaoVim/blob/master/README.md https://twitter.com/cyb3rops/status/682314037938491392 https://t.co/kkXnjArzYg http://lumify.io/ https://twitter.com/cyb3rops/status/682310400696795136 https://t.co/S53i7fgeOx http://feedproxy.google.com/~r/PaloAltoNetworks/~3/9Mf2ZytqxLI/ https://twitter.com/cyb3rops/status/682281984027136001 https://t.co/eBUkkQHMM2 https://twitter.com/jepayneMSFT/status/682248499900059648 https://twitter.com/cyb3rops/status/682258762422464512 https://t.co/wtTA26MhjG http://krakenrider.blogspot.de/2015/11/a-fail.html?m=1 https://twitter.com/cyb3rops/status/682257757576105984 https://t.co/mftAiMQLUI 
https://twitter.com/adulau/status/682250110923845632 https://twitter.com/cyb3rops/status/682249209114980354 https://t.co/jIRO26G7DS http://blog.hackersonlineclub.com/2015/12/osxlockdown-apple-os-x-tool-to-audit.html https://twitter.com/cyb3rops/status/682248726677721088 https://t.co/RvVpSXPnch http://arstechnica.com/security/2015/12/google-slams-avg-for-exposing-chrome-user-data-with-security-plugin/ https://twitter.com/cyb3rops/status/682187118324535297 https://t.co/H0hU10g0zv https://t.co/zhKsQNXxkj http://krakenrider.blogspot.de/2015/11/a-fail.html https://twitter.com/Cyb3rOps/status/682185229394563072 https://twitter.com/cyb3rops/status/682185229394563072 https://twitter.com/cyb3rops/status/682141268168847360 https://t.co/53HyOIiZmJ https://www.trustwave.com/Resources/SpiderLabs-Blog/ModSecurity-Python-Bindings--Parsing-ModSecurity-rules-from-Python/ https://twitter.com/cyb3rops/status/682141137864372225 https://t.co/WApUuTTIkC http://arstechnica.com/information-technology/2015/12/microsoft-may-have-your-encryption-key-heres-how-to-take-it-back/ https://twitter.com/cyb3rops/status/682140802592669696 https://t.co/kFXJ4gB1F8 http://seclist.us/wifi-pumpkin-v0-71-released-framework-for-rogue-wi-fi-access-point-attack.html https://twitter.com/cyb3rops/status/681986133539065856 https://t.co/XlqMvW62e5 http://blog.checkpoint.com/2015/12/29/check-point-threat-alert-outlook-ole-vulnerability/ https://twitter.com/cyb3rops/status/681985892756664322 https://t.co/dzJYyeIFZT http://m.forensicfocus.com/?url=http%3A%2F%2Fwww.forensicfocus.com%2FNews%2Farticle%2Fsid%3D2603%2F&utm_referrer=#2623 https://twitter.com/cyb3rops/status/681984894742966272 https://t.co/ESL0TUtkWq http://seclist.us/arpy-v3-15-arp-mitm-tool.html https://twitter.com/cyb3rops/status/681984623371509760 https://t.co/K1e4b80QvZ http://feedproxy.google.com/~r/PaloAltoNetworks/~3/Q5HhOX7MgFY/ https://twitter.com/cyb3rops/status/681846612273020928 https://twitter.com/cyb3rops/status/681843981794295808 
https://t.co/0xZup2vX7m http://pwc.blogs.com/cyber_security_updates/2015/12/elise-security-through-obesity.html https://twitter.com/cyb3rops/status/681833589609230336 https://t.co/Z9mMuxM4eA http://virustotal.com https://twitter.com/cyb3rops/status/681809996498255872 https://t.co/83KCk9QMmo https://www.virustotal.com/en/file/a979c5094f75548043a22b174aa10e1f2025371bd9e1249679f052b168e194b3/analysis/ https://twitter.com/cyb3rops/status/681785307486928896 https://t.co/o4luxZiygS https://twitter.com/hdmoore/status/681705931198050304 https://twitter.com/cyb3rops/status/681635796231819264 https://t.co/INvOX3ArDM https://adsecurity.org/?p=2288 https://twitter.com/cyb3rops/status/681635391963828224 https://t.co/1tubGTnhsF https://www.trustwave.com/Resources/SpiderLabs-Blog/An-Overview-of-the-Upcoming-libModSecurity/ https://twitter.com/cyb3rops/status/681533055069241344 https://t.co/1evvpdhRCd http://feedproxy.google.com/~r/darknethackers/~3/IZTI_7JgfNc/ https://twitter.com/cyb3rops/status/681514721175035904 https://t.co/Cm6ms2V8aO http://www.fireeye.com/blog/threat-research/2015/12/flare_script_series.html https://twitter.com/cyb3rops/status/681489918334517249 https://t.co/eiIKmwVacM http://blog.didierstevens.com/2015/12/28/maldoc-get-range/ https://twitter.com/cyb3rops/status/681486374445387776 https://t.co/DfNRk8IEWQ https://www.schneier.com/blog/archives/2015/12/nsagchq_exploit.html https://twitter.com/cyb3rops/status/681486234187886592 https://t.co/8Mr2Gy4ga1 https://www.dsinternals.com/en/retrieving-cleartext-gmsa-passwords-from-active-directory/ https://twitter.com/cyb3rops/status/681485883955122177 https://t.co/AoPm2jYtge http://www.toolswatch.org/2015/12/group-policy-preferences-password-finder-gp3finder-v4-0/ https://twitter.com/cyb3rops/status/681465466020343808 https://t.co/Hb9dBMnd6t http://www.minerva-labs.com/#!Joe?s-Crypter-?-Fixed-and-PREVENTED/c7a5/568129200cf236d40390595f https://twitter.com/cyb3rops/status/681428549060935680 
https://twitter.com/cyb3rops/status/681124387173593088 https://t.co/WPJdGJc1KH https://docs.google.com/spreadsheets/d/1H9_xaxQHpWaa4O_Son4Gx0YOIzlcBWMsdvePFX68EKU/edit?usp=sharing https://twitter.com/cyb3rops/status/680774448434311168 https://t.co/hh1WbNgvdL https://events.ccc.de/2015/12/26/32c3-lecture-streaming-and-recording/ https://twitter.com/cyb3rops/status/680666052892712960 https://t.co/uM8uhx5tqr https://t.co/M5JR1BjgeA https://pentestbox.com/ https://tools.pentestbox.com/ https://twitter.com/cyb3rops/status/680396742978875392 https://twitter.com/cyb3rops/status/680324879351164929 https://t.co/i6ia3WuQhk https://www.theobjectivestandard.com/issues/2008-winter/net-neutrality/ https://twitter.com/cyb3rops/status/680320913607360512 https://t.co/ji3B3sTtQi http://seclist.us/updates-wifiphiser-fast-automated-phishing-attacks-against-wpa-networks.html https://twitter.com/cyb3rops/status/680320683646279681 https://t.co/BrQq4sA1Rk http://blog.hackersonlineclub.com/2015/12/ea-server-hit-by-ddos-attack.html https://twitter.com/cyb3rops/status/680198119796117504 https://twitter.com/cyb3rops/status/680197517385019394 https://twitter.com/cyb3rops/status/680196273518080000 https://twitter.com/cyb3rops/status/680179545270542336 https://twitter.com/cyb3rops/status/680178036210282498 https://twitter.com/cyb3rops/status/680173240942243840 https://t.co/080TKSu1G9 https://github.com/Neo23x0/Loki/commits/master https://twitter.com/cyb3rops/status/680172730839359488 https://twitter.com/cyb3rops/status/680171709476007936 https://t.co/vg8SEHUvLI https://eff.org/donate https://twitter.com/cyb3rops/status/680026253026586624 https://twitter.com/cyb3rops/status/680017946534637569 https://t.co/9xbTIZwuSS https://t.co/DV5acbsLYp https://events.ccc.de/2015/12/22/no-ticket-try-congress-everywhere/ http://streaming.media.ccc.de https://twitter.com/cyb3rops/status/680009340904980480 https://t.co/7fGTi7ZSjq http://securityblog.gr/3080/conpot-ics-scada-honeypot/ 
https://twitter.com/cyb3rops/status/679990118720090112 https://t.co/7rwq070yRO http://seclist.us/sans-a-simple-anti-spoofing-dns-server.html https://twitter.com/cyb3rops/status/679985043146706944 https://twitter.com/cyb3rops/status/679829328230744064 https://t.co/eNphb41pjt http://feedproxy.google.com/~r/PaloAltoNetworks/~3/Gc82FW1mFlA/ https://twitter.com/cyb3rops/status/679829219686363136 https://t.co/bz2fzyXTLI https://blog.rootshell.be/2015/12/23/managing-palo-alto-firewalls-custom-url-categories/ https://twitter.com/cyb3rops/status/679804209273913344 https://twitter.com/cyb3rops/status/679757140412743680 https://t.co/fr31lG4FK3 http://seclist.us/hashcat-gui-for-windows.html https://twitter.com/cyb3rops/status/679721392183578624 https://t.co/vY7J3R8PlR https://theintercept.com/2015/12/23/juniper-firewalls-successfully-targeted-by-nsa-and-gchq/ https://twitter.com/cyb3rops/status/679721237640286209 https://t.co/Ty4mQosDzG http://seclist.us/dnschan-a-remote-access-trojan-over-dns.html https://twitter.com/cyb3rops/status/679705903252267008 https://t.co/TkaNvsihfT https://twitter.com/m3g9tr0n/status/679668255691292673 https://twitter.com/cyb3rops/status/679704587792703489 https://t.co/0jDnaZkJ1P https://twitter.com/GelosSnake/status/679661662568333312 https://twitter.com/cyb3rops/status/679701913609330688 https://t.co/79wgcoeXs0 http://resources.infosecinstitute.com/malware-researchers-handbook/ https://twitter.com/cyb3rops/status/679695884561584130 https://t.co/n7cEYMTHnc https://t.co/M1EanhpzX3 https://github.com/Neo23x0/Loki/blob/master/signatures/generic_anomalies.yar https://docs.google.com/spreadsheets/d/1yrEsS2w-wPNLoKhu-VuhK9aldiWrBJutxygde-9DALM/edit#gid=0 https://twitter.com/cyb3rops/status/679685753295757314 https://twitter.com/cyb3rops/status/679683392938618880 https://t.co/BTkecx0TkX https://goo.gl/JHKTn6 https://twitter.com/cyb3rops/status/679384135392169985 https://t.co/faQoTiPtUx 
http://blog.cloudflare.com/why-its-harder-to-forge-a-sha-1-certificate-than-it-is-to-find-a-sha-1-collision/ https://twitter.com/cyb3rops/status/679383913417072640 https://t.co/JCwmA4onA6 http://feedproxy.google.com/~r/eset/blog/~3/2U8nMO2irGg/ https://twitter.com/cyb3rops/status/679227603748651009 https://t.co/u1rTWogwhc https://www.bsk-consulting.de/2015/12/22/yara-rules-to-detect-uncommon-system-file-sizes/ https://twitter.com/cyb3rops/status/679194486791086081 https://t.co/oXyVcYwjXQ http://seclist.us/killchain-v0-2-a-unified-console-to-perform-the-kill-chain-stages-of-attacks.html https://twitter.com/cyb3rops/status/679005489825505282 https://t.co/GCBxau1S1a http://seclist.us/crawlic-is-a-web-reconnaissance-tool.html https://twitter.com/cyb3rops/status/678892866098229248 https://twitter.com/cyb3rops/status/678863776888832000 https://twitter.com/cyb3rops/status/678837085424492544 https://t.co/Ps3y5vcOIl https://community.rapid7.com/community/infosec/blog/2015/12/20/cve-2015-7755-juniper-screenos-authentication-backdoor https://twitter.com/cyb3rops/status/678709978845347846 https://t.co/LE5PXf7tTq http://securityblog.gr/3052/a-simple-elasticsearch-honeypot/ https://twitter.com/cyb3rops/status/678709886180569088 https://t.co/YPWnw4bMUW http://seclist.us/bsqlinjector-blind-sql-injection-exploitation-tool-written-in-ruby.html https://twitter.com/cyb3rops/status/678308678613733376 https://twitter.com/cyb3rops/status/678306981552238593 https://t.co/H0hU10xBY5 https://t.co/LOf4IElElI http://krakenrider.blogspot.de/2015/11/a-fail.html https://twitter.com/agl__/status/678272799526420480 https://twitter.com/cyb3rops/status/678287557541654528 https://twitter.com/cyb3rops/status/678284609663143936 https://t.co/dnPMLnAoLU https://t.co/99tFi8LkRI https://github.com/Neo23x0/Loki/commit/bc2244b77390d9a5af87a9150b5ca638c34118fe http://www.hexacorn.com/blog/2015/12/18/the-typographical-and-homomorphic-abuse-of-svchost-exe-and-other-popular-file-names/ 
https://twitter.com/cyb3rops/status/678191298889805824 https://t.co/hgnCk5ibb1 http://seclist.us/powersploit-v3-0-0-released-a-powershell-post-exploitation-framework.html https://twitter.com/cyb3rops/status/677963689853632512 https://t.co/rFTfjyogAu http://seclist.us/updates-t50-v-5-5-the-fatest-network-packet-injector.html https://twitter.com/cyb3rops/status/677963465701629952 https://t.co/BpyhWSRgfC http://feedproxy.google.com/~r/GoogleOnlineSecurityBlog/~3/DMZYgaWVQl8/an-update-on-sha-1-certificates-in.html https://twitter.com/cyb3rops/status/677923267953434624 https://t.co/RJ3lAr1BS1 https://technet.microsoft.com/en-US/library/mt634654.aspx https://twitter.com/cyb3rops/status/677920664783888388 https://t.co/UAdlKduH2W http://feedproxy.google.com/~r/darknethackers/~3/v17wYx5_cEc/ https://twitter.com/cyb3rops/status/677755459114242048 https://t.co/18L62fO9Gd https://github.com/Neo23x0/Fenrir https://twitter.com/cyb3rops/status/677741759959576576 https://t.co/5maPOxzl8a http://forums.juniper.net/t5/Security-Incident-Response/Important-Announcement-about-ScreenOS/ba-p/285554 https://twitter.com/cyb3rops/status/677612072318955520 https://t.co/ZGl4xHIzpU http://www.varanoid.com/research-alerts/sans-internet-storm-center/when-hunting-beef-yara-rules-part-2-thu-dec-17th/ https://twitter.com/cyb3rops/status/677524181001576448 https://t.co/aE957sglXE http://m.forensicfocus.com/?url=http%3A%2F%2Fwww.forensicfocus.com%2FNews%2Farticle%2Fsid%3D2588%2F&utm_referrer=#2855 https://twitter.com/cyb3rops/status/677487964444876800 https://t.co/5kSqUtwrz7 https://www.shodan.io/report/nlrw9g59 https://twitter.com/cyb3rops/status/677487393889472512 https://t.co/etp7cYBrgk https://www.fidelissecurity.com/sites/default/files/FTA_1020_Fidelis_Inocnation_FINAL.pdf https://twitter.com/cyb3rops/status/677376968862654465 https://t.co/0G5f6BvzYc http://seclist.us/java-unserialization-getshell-and-cmd-exploit.html https://twitter.com/cyb3rops/status/677250712070410240 https://t.co/SeMX0uYaK8 
http://www.harmj0y.net/blog/redteaming/targeted-plaintext-downgrades-with-powerview/ https://twitter.com/cyb3rops/status/677250268808011777 https://twitter.com/cyb3rops/status/677219287241633792 https://t.co/s2lxUVXeRI http://blog.malwarebytes.org/online-security/2015/12/dns-hijacks-routers/ https://twitter.com/cyb3rops/status/677218871179374592 https://t.co/NxuxK0DFy0 http://www.toolswatch.org/2015/12/new-tool-elf-parser-v1-4-0/ https://twitter.com/cyb3rops/status/677202566674034690 https://twitter.com/cyb3rops/status/677051484807241728 https://t.co/gYxU1xL0Gy http://googleprojectzero.blogspot.com/2015/12/fireeye-exploitation-project-zeros.html https://twitter.com/cyb3rops/status/677050801899065344 https://t.co/EllhAH2QuM http://feedproxy.google.com/~r/PentestTools/~3/9gReoU5J34w/collection-of-awesome-honeypots.html https://twitter.com/cyb3rops/status/677034010888044544 https://t.co/qz5fAz3nh7 https://www.hybrid-analysis.com/sample/3d81120810369d4668ba564979697b8fad0d3f51e249c533bb3725ac039a6db0?environmentId=4 https://twitter.com/cyb3rops/status/676838136119500802 https://t.co/uYPEICnnku https://blogs.mcafee.com/mcafee-labs/detecting-undetectable-growing-sophistication-fileless-attacks/ https://twitter.com/cyb3rops/status/676818740181364736 https://t.co/bl1OMLCBx3 http://www.toolswatch.org/2015/12/gssapi-proxy-beta-http-proxy-for-windows/ https://twitter.com/cyb3rops/status/676815756680646656 https://t.co/CWAXMJMTiq http://blog.airbuscybersecurity.com/post/2015/11/Newcomers-in-the-Derusbi-family https://twitter.com/cyb3rops/status/676815200260091904 https://t.co/7T6H6CoM9E https://github.com/stamparm/maltrail/blob/master/README.md https://twitter.com/cyb3rops/status/676812347806081024 https://t.co/I5TddI8MUN http://www.fireeye.com/blog/threat-research/2015/12/uncovering_activepower.html https://twitter.com/cyb3rops/status/676668238978224128 https://t.co/Ep9xc2w9O1 http://www.bsk-consulting.de/apt-scanner-thor/ 
https://twitter.com/cyb3rops/status/676663212260114432 https://t.co/wNCF9x9jum https://adsecurity.org/?p=559 https://twitter.com/cyb3rops/status/676654924189552640 https://t.co/SAo9ze26t6 http://securityblog.gr/3004/guymager-a-free-forensic-imager/ https://twitter.com/cyb3rops/status/676459499201392640 https://t.co/XkgV17JZJB http://www.toolswatch.org/2015/12/new-tool-saml-raider-v1-1-1-saml2-burp-extension/ https://twitter.com/cyb3rops/status/676459415013339138 https://t.co/Ba0BGtxTPn http://arstechnica.com/security/2015/12/hackers-actively-exploit-critical-vulnerability-in-sites-running-joomla/ https://twitter.com/cyb3rops/status/676431087711727616 https://t.co/QCzlOIDkBS https://citizenlab.org/2015/12/packrat-report/ https://twitter.com/cyb3rops/status/676364713601671168 https://twitter.com/cyb3rops/status/676019919016878080 https://t.co/RzFKWysdq2 http://blog.didierstevens.com/2015/12/13/windows-backup-privilege-cmd-exe/ https://twitter.com/cyb3rops/status/676006666404499456 https://t.co/U2r8VZhpo1 https://www.fireeye.com/blog/threat-research/2015/12/latentbot_trace_me.html https://twitter.com/cyb3rops/status/675202681619750912 https://t.co/DcnfMe8iUG https://community.rapid7.com/community/metasploit/blog/2013/03/09/psexec-demystified https://twitter.com/cyb3rops/status/675067875426705409 https://t.co/zGbBN5Quhn http://www.rainbowstream.org/ https://twitter.com/cyb3rops/status/675025432517939200 https://t.co/cQw9TWRQXA http://seclist.us/updates-domi-owned-ibmlotus-domino-exploitation.html https://twitter.com/cyb3rops/status/675023748983087105 https://t.co/NNfvUpGrFg http://feedproxy.google.com/~r/zscaler/research/~3/WfdnpIUk70M/new-spy-banker-trojan-telax-abusing.html https://twitter.com/cyb3rops/status/675023642561003520 https://t.co/N7r51HK7dp http://feedproxy.google.com/~r/PaloAltoNetworks/~3/e7XM9fu0Qe0/ https://twitter.com/cyb3rops/status/674927665997025280 https://t.co/8fktuPUbyE http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/m8VVYUuwzk0/ 
https://twitter.com/cyb3rops/status/674857701604728832 https://t.co/D7C55hrJoL http://journeyintoir.blogspot.com/2015/12/triage-practical-solution-malware-event.html https://twitter.com/cyb3rops/status/674855254744281090 https://t.co/FadjGfPgU3 http://seclist.us/blade-is-a-webshell-connection-tool-with-customized-waf-bypass-payloads-also-a-replacement-of-chooper.html https://twitter.com/cyb3rops/status/674739462572785664 https://t.co/gNct5FirFG https://blogs.mcafee.com/mcafee-labs/rovnix-downloader-sinkhole-time-checks/ https://twitter.com/cyb3rops/status/674718623919902721 https://t.co/QcuAeuLTfE https://twitter.com/AndreaBarisani/status/674192442862751749 https://twitter.com/cyb3rops/status/674655374683865088 https://t.co/l7h1ikJWMY http://feedproxy.google.com/~r/GoogleOnlineSecurityBlog/~3/erHVQiH2h40/year-one-progress-in-fight-against.html https://twitter.com/cyb3rops/status/674654207073517569 https://t.co/MholXgZiNG http://arstechnica.com/security/2015/12/attack-flooded-internet-root-servers-with-5-million-queries-a-second/ https://twitter.com/cyb3rops/status/674316036460662785 https://t.co/mMLkqsQwf2 http://seclist.us/scaredycat-version-0-1-beta-released.html https://twitter.com/cyb3rops/status/674243498711883776 https://t.co/O0BwgpIDtz https://www.schneier.com/blog/archives/2015/12/how_israel_regu.html https://twitter.com/cyb3rops/status/674177294760583168 https://t.co/UPiLaWXVZK http://seclist.us/lynis-v-2-1-5-is-a-system-and-security-auditing-tool-for-unixlinux.html https://twitter.com/cyb3rops/status/674124388732698624 https://t.co/boTSx47awm https://blogs.technet.microsoft.com/mmpc/2015/11/16/microsoft-security-intelligence-report-strontium/ https://twitter.com/cyb3rops/status/674123752309944320 https://t.co/2HfpSIpxB3 https://blogs.technet.microsoft.com/mmpc/2015/11/23/does-prevalence-matter-a-different-approach-to-traditional-antimalware-test-scoring/ https://twitter.com/cyb3rops/status/674123092726259713 https://t.co/C2w4zAYhh5 
https://github.com/zero-db/zerodb https://twitter.com/cyb3rops/status/673983724829196288 https://t.co/qOYBOUbuW4 http://feedproxy.google.com/~r/darknethackers/~3/CelzDaINoSI/ https://twitter.com/cyb3rops/status/673980751814238208 https://t.co/zoO3yM06dT http://www.malwaretech.com/2015/12/kelihos-analysis-part-1.html https://twitter.com/cyb3rops/status/673980391544475648 https://t.co/1KI2pypo9d http://seclist.us/firecat-is-a-penetration-testing-tool-that-allows-you-to-punch-reverse-tcp-tunnels-out-of-a-compromised-network.html https://twitter.com/cyb3rops/status/673980245016489984 https://t.co/6GXR0T5aVI http://countuponsecurity.com/2015/12/07/malware-analysis-dridex-process-hollowing/ https://twitter.com/cyb3rops/status/673915310639087616 https://t.co/1535pho4wj http://seclist.us/jexboss-jboss-verify-and-exploitation-tool.html https://twitter.com/cyb3rops/status/673915111376068608 https://t.co/xXAqWKraz1 http://seclist.us/async-ip-scanner-for-powershell.html https://twitter.com/cyb3rops/status/673783677965479936 https://t.co/7hjJxiS6rn https://isc.sans.edu/diary.html?storyid=20451&rss https://twitter.com/cyb3rops/status/673767288751841281 https://t.co/mm7FhnURd4 https://twitter.com/thor_scanner/status/673766663167193088 https://twitter.com/cyb3rops/status/673512058835640321 https://t.co/j2bV6NGsUg https://github.com/certtools/intelmq https://twitter.com/cyb3rops/status/673434466086469632 https://t.co/aXvxoLklrz https://github.com/lukas2511/letsencrypt.sh https://twitter.com/cyb3rops/status/673434224360312833 https://t.co/EBv4sgpcbK http://seclist.us/updates-ora-pwn-oracle-attacks-tool.html https://twitter.com/cyb3rops/status/673226511953100801 https://t.co/5m5ows4hiC https://github.com/hashcat/oclHashcat https://twitter.com/cyb3rops/status/673173321391988736 https://t.co/wnmDSNdH4Q https://www.producthunt.com/r/74242340b3e1b6/43157?app_id=1 https://twitter.com/cyb3rops/status/673135308985212929 https://t.co/k2PVc3Yt68 
http://www.crowdstrike.com/blog/sakula-reloaded/ https://twitter.com/cyb3rops/status/673134636546027520 https://t.co/056tCHmrES http://seclist.us/3viltwinattacker-v0-6-8-released-framework-for-rogue-wi-fi-access-point-attack.html https://twitter.com/cyb3rops/status/673134569219035137 https://t.co/X6FNnUNq5s http://seclist.us/mktrojanhorse-a-ssh-linux-machine-trojan-horse.html https://twitter.com/cyb3rops/status/673134349341077504 https://t.co/scPnBFTNZq https://t.co/ZS8laqpNY9 http://Virustotal.NET http://securityblog.gr/2979/a-full-implementation-of-the-virustotal-2-0-api/ https://twitter.com/cyb3rops/status/673102996184678400 https://twitter.com/cyb3rops/status/673063560776458240 https://twitter.com/cyb3rops/status/672926290698215424 https://t.co/Md51lnFPHB http://feedproxy.google.com/~r/PaloAltoNetworks/~3/Ws0tBcgvgTk/ https://twitter.com/cyb3rops/status/672835091958206466 https://t.co/WPzURFY966 http://seclist.us/pwaneddler-is-a-script-kiddie-for-perform-mitm-attack.html https://twitter.com/cyb3rops/status/672834980482048000 https://t.co/0LQ6fvBqus http://blog.cloudflare.com/tools-for-debugging-testing-and-using-http-2/ https://twitter.com/cyb3rops/status/672833322595303424 https://twitter.com/cyb3rops/status/672832749326237696 https://t.co/hx05kJAPW7 https://www.hybrid-analysis.com/sample/d9c465e10d9a4c820008695d4fab745b3291c38b7136c7a59dc8c47ef62d1c6e?environmentId=1 https://twitter.com/cyb3rops/status/672832156473905152 https://t.co/dkPyPD3DPa https://t.co/Ug98aH2tr9 https://github.com/Neo23x0/Loki/commit/55811edd85b41798624d8ce5449f281c1af922a3 https://securelist.com/blog/research/72924/sofacy-apt-hits-high-profile-targets-with-updated-toolset/ https://twitter.com/cyb3rops/status/672830264486322176 https://twitter.com/cyb3rops/status/672756225243770880 https://t.co/Ug98aH2tr9 https://securelist.com/blog/research/72924/sofacy-apt-hits-high-profile-targets-with-updated-toolset/ https://twitter.com/cyb3rops/status/672682746691612672 https://t.co/am5SSQdqpY 
https://blog.rootshell.be/2015/12/04/automatic-mime-attachments-triage/ https://twitter.com/cyb3rops/status/672682402087641088 https://t.co/hAGIKkLBaW https://github.com/kuba/simp_le https://twitter.com/cyb3rops/status/672544134566121473 https://t.co/nIDquePJOH http://seclist.us/pspunch-an-offensive-powershell-console.html https://twitter.com/cyb3rops/status/672544011845033985 https://t.co/Ui98oOqIOW http://arstechnica.com/security/2015/12/newest-ransomware-pilfers-passwords-before-encrypting-gigabytes-of-data/ https://twitter.com/cyb3rops/status/672543618805186560 https://t.co/ciKBATPMeg http://seclist.us/msfvenom-payload-creator-mpc-v-1-4-released.html https://twitter.com/cyb3rops/status/672177125202505728 https://t.co/4TKNuQy5FF https://t.co/gmZshpLTUp https://t.co/iShcjHIeFs http://blog.dynamoo.com/2015/12/malware-spam-purchase-order-124658-gina.html https://github.com/Neo23x0/Loki/blob/master/signatures/crime_phish_gina_dec15.yar http://pastebin.com/LZL0fqCw https://twitter.com/cyb3rops/status/672147315071852544 https://t.co/aNW3lr3AlY http://arstechnica.com/security/2015/12/report-china-hacked-australias-weather-service/ https://twitter.com/cyb3rops/status/672127588672913409 https://t.co/Ynp3foUyBG http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/aJFhAImC96Y/ https://twitter.com/cyb3rops/status/672090413306613761 https://t.co/LRD0zS9oPS https://isc.sans.edu/diary.html?storyid=20431&rss https://twitter.com/cyb3rops/status/672088574939017217 https://t.co/ghRd7TtZIT http://seclist.us/t50-v-5-5-released-the-fatest-network-packet-injector.html https://twitter.com/cyb3rops/status/672010955241451522 https://twitter.com/cyb3rops/status/671996994760679424 https://t.co/RF1ZJPPz2U https://www.hybrid-analysis.com/sample/bc252ede5302240c2fef8bc0291ad5a227906b4e70929a737792e935a5fee209?environmentId=4 https://twitter.com/cyb3rops/status/671965265333248000 https://t.co/bjyrm81kjR http://www.contextis.com/resources/blog/espresso/ 
https://twitter.com/cyb3rops/status/671957036821778432 https://t.co/TKUofPwyJe https://twitter.com/blubbfiction/status/671923960863412224 https://twitter.com/cyb3rops/status/671954454103597056 https://t.co/SwDJJjSLB0 https://twitter.com/binitamshah/status/671869877544550401 https://twitter.com/cyb3rops/status/671728877627179009 https://t.co/E0ISKSlC5G http://windowsir.blogspot.com/2015/12/doing-analysis.html https://twitter.com/cyb3rops/status/671728027521392640 https://t.co/9NXIBzsFSg http://seclist.us/sslkiller-is-a-used-for-killing-ssl-verification-functions-on-android-client-side.html https://twitter.com/cyb3rops/status/671685367674839041 https://t.co/ZZLRpVy2SP http://malware.dontneedcoffee.com/2015/12/nuclear-pack-loading-fileless-cve-2014.html https://twitter.com/cyb3rops/status/671594578651279360 https://t.co/artWB4z04V http://www.fireeye.com/blog/threat-research/2015/11/china-based-threat.html https://twitter.com/cyb3rops/status/671594075313803264 https://twitter.com/cyb3rops/status/671438623011663872 https://t.co/W5hSFMoIGX https://twitter.com/crowdshield/status/671413861686362112 https://twitter.com/cyb3rops/status/671403260478152704 https://t.co/KlxbjWiz2V http://volatility-labs.blogspot.com/2015/11/guest-post-martin-korman-volatilitybot.html https://twitter.com/cyb3rops/status/671402053818851329 https://t.co/7pEqFMlvps http://seclist.us/bettercap-v1-1-6-a-complete-modular-portable-and-easily-extensible-mitm-framework.html https://twitter.com/cyb3rops/status/671401391248834560 https://t.co/URGKaXoWFx http://feedproxy.google.com/~r/darknethackers/~3/o_yrPmGMiZE/ https://twitter.com/cyb3rops/status/671306134293258240 https://t.co/3aXPkMzmx9 http://blog.0x3a.com/post/134260124544 https://twitter.com/cyb3rops/status/671305437296332800 https://t.co/Pnd2kjDeXF http://securityblog.gr/2963/filealyzer-analyze-files-read-pe-information/ https://twitter.com/cyb3rops/status/671116856195960833 https://t.co/sMA2mSG73f 
http://feedproxy.google.com/~r/ehacking/~3/cvZ4UtfFow8/tor-crowdfunding-project-could-raise.html https://twitter.com/cyb3rops/status/671078223304871937 https://t.co/CU57MpJNEH http://seclist.us/anonbuster-bruteforce-web-applications-using-tor-proxy-cicling-through-different-ips-to-avoid-firewall-blocks.html https://twitter.com/cyb3rops/status/670882758751854592 https://t.co/Wp5KSZ8dWM http://seclist.us/powermemory-v-0-4-released-exploit-the-credentials-present-in-files-and-memory.html https://twitter.com/cyb3rops/status/670632943803621376 https://t.co/zmmHaSq5JD https://mynigma.org/en/ https://twitter.com/cyb3rops/status/670616733531639808 https://t.co/KkYebczj4R https://techanarchy.net/2015/11/darkcomet-hacking-the-hacker/ https://twitter.com/cyb3rops/status/670616423992057860 https://t.co/NeuGrSL26J http://malware.dontneedcoffee.com/2015/11/inside-jahoo-otlarda-botnet-dedicated.html https://twitter.com/cyb3rops/status/670564882266365952 https://t.co/KjlUQkyGPw http://securityblog.gr/2950/detect-packers-cryptors-and-compilers/ https://twitter.com/cyb3rops/status/670529364237418496 https://t.co/94XYrG6rpi https://t.co/0fI4QklXrw https://twitter.com/Cyb3rOps/status/662217942168444928 https://twitter.com/Cyb3rOps/status/662206927707967489 https://twitter.com/cyb3rops/status/670527843596689408 https://t.co/56H7Uya9Se https://twitter.com/keithtyler/status/669035614054944772 https://twitter.com/cyb3rops/status/670526840130445312 https://t.co/PuLUN9EAgf https://www.shodan.io/store/member https://twitter.com/cyb3rops/status/670371692749971457 https://t.co/BWukxOtr3k http://seclist.us/backdoorme-a-powerful-auto-backdooring-utility.html https://twitter.com/cyb3rops/status/670370797219921923 https://t.co/JCvjRilBip http://www.darknet.org.uk/2015/11/zarp-network-attack-tool/ https://twitter.com/cyb3rops/status/670205746529869824 https://twitter.com/cyb3rops/status/670204958252376064 https://t.co/VCwbVONDHL https://obdev.at/products/littlesnitch/index.html 
https://twitter.com/cyb3rops/status/669934135197192192 https://twitter.com/cyb3rops/status/669933109027217408 https://t.co/gUpO02Mmmp http://blog.sec-consult.com/2015/11/house-of-keys-industry-wide-https.html https://twitter.com/cyb3rops/status/669928655053848576 https://t.co/3ycOhL3sEx http://seclist.us/ora-pwn-oracle-attacks-tool.html https://twitter.com/cyb3rops/status/669887859587944448 https://t.co/PMEHMblUQL https://github.com/tikalk/commandcar/blob/master/README.md https://twitter.com/cyb3rops/status/669887381286338562 https://t.co/pVW6tiOqrx http://resources.infosecinstitute.com/2-malware-researchers-handbook-demystifying-pe-file/ https://twitter.com/cyb3rops/status/669826876274302976 https://t.co/mvEsoI0QMa http://seclist.us/powerforensics-v1-0-1-released-is-a-powershell-digital-forensics-framework.html https://twitter.com/cyb3rops/status/669826666458390532 https://t.co/L5aGFt0i8U http://seclist.us/android-vts-v11-released-android-vulnerability-test-suite.html https://twitter.com/cyb3rops/status/669826178497277952 https://t.co/2uWJW2FSzt http://blogs.technet.com/b/mmpc/archive/2015/11/26/shields-up-on-potentially-unwanted-applications-in-your-enterprise.aspx https://twitter.com/cyb3rops/status/669599769145303044 https://t.co/ZrUEFkXYh4 http://arstechnica.com/security/2015/11/iranian-military-spear-phish-of-state-department-employees-detected-first-by-facebook/ https://twitter.com/cyb3rops/status/669576392963702784 https://t.co/vsMUznMeAC http://www.toolswatch.org/2015/11/scapy3k-the-scapy-for-python-3/ https://twitter.com/cyb3rops/status/669576159861035008 https://t.co/xcjDcUvEXo http://krebsonsecurity.com/2015/11/breach-at-it-automation-firm-landesk/ https://twitter.com/cyb3rops/status/669484863385436160 https://t.co/w0Oc8kDvVx https://t.co/qPPiBnhdVM http://hexacorn.com/examples/2014-12-24_santas_bag_of_mutants.txt http://hexacorn.com/examples/2015-04-05_easter_bunny_with_a_bag_full_of_events.txt https://twitter.com/cyb3rops/status/669427781386829828 
https://t.co/mlPZRXSz1p http://seclist.us/joomlavs-a-black-box-ruby-powered-joomla-vulnerability-scanner.html https://twitter.com/cyb3rops/status/669287862723059712 https://t.co/NAxC6jqJ2c http://motherboard.vice.com/read/theres-a-dark-web-github-for-controversial-code https://twitter.com/cyb3rops/status/669286205649997824 https://t.co/W4y90cS7OP http://seclist.us/pt2-security-testing-tool-security-assessment-of-power-systems.html https://twitter.com/cyb3rops/status/669207201530191872 https://t.co/klvkBpBZ9y https://github.com/kdzwinel/betwixt https://twitter.com/cyb3rops/status/669105897545801728 https://t.co/kcKegjbJI3 https://github.com/Neo23x0/Loki/blob/master/signatures/apt_glassRAT.yar https://twitter.com/cyb3rops/status/669080533352194048 https://t.co/IodNWnx6BJ https://www.blackhat.com/docs/us-14/materials/us-14-Kamlyuk-Kamluk-Computrace-Backdoor-Revisited.pdf https://twitter.com/cyb3rops/status/669074995839148032 https://t.co/l1USQuzS2I http://blog.didierstevens.com/2015/11/24/authenticode-and-timestamping-and-sha256/ https://twitter.com/cyb3rops/status/669074329322287104 https://t.co/zwATsK4LGa http://seclist.us/interceptor-powershell-https-intercepting-proxy.html https://twitter.com/cyb3rops/status/669074256123330560 https://t.co/4a3gDH1L62 http://researchcenter.paloaltonetworks.com/2015/11/inside-tdrop2-technical-analysis-of-new-dark-seoul-malware/ https://twitter.com/cyb3rops/status/669073633483096065 https://t.co/STKEkM9iU4 http://arstechnica.com/security/2015/11/dell-apologizes-for-https-certificate-fiasco-provides-removal-tool/ https://twitter.com/cyb3rops/status/669066780770508800 https://twitter.com/cyb3rops/status/668917771615543296 https://t.co/mEUrSiLPFd https://blogs.rsa.com/wp-content/uploads/2015/11/GlassRAT-final.pdf https://twitter.com/cyb3rops/status/668913954710757376 https://t.co/vzg9MV2KyN http://resources.infosecinstitute.com/reversing-the-pony-trojan-part-i/ https://twitter.com/cyb3rops/status/668912966864150528 
https://t.co/liFMwwrfo4 https://blog.glasswire.com/2015/11/23/detect-webcam-and-mic-usage-with-glasswire/ https://twitter.com/cyb3rops/status/668911457711603712 https://t.co/7i35KX5WtI http://seclist.us/jsql-injection-v-0-7-released-a-java-tool-for-automatic-database-injection.html https://twitter.com/cyb3rops/status/668910635841937412 https://t.co/JRE2dz4Ya2 http://www.minerva-labs.com/#!CopyKittens-Attack-Group/c1p1j/564df6190cf28679553fc331 https://twitter.com/cyb3rops/status/668778870468943872 https://t.co/EKIKd8sNk5 https://www.virustotal.com/intelligence/blog/post/detailed-dmg-information-and-similarity-search/5430957313660468210-8123518726917507634/ https://twitter.com/cyb3rops/status/668753235491069952 https://t.co/g840oOPsjF http://seclist.us/weeman-v-1-6-black-eagle-released-http-server-for-phishing.html https://twitter.com/cyb3rops/status/668464328841043970 https://twitter.com/cyb3rops/status/668336414006878208 https://t.co/Ku1HGzW8ZB http://seclist.us/process-dump-v1-5-released-windows-tool-for-dumping-malware-pe-files-from-memory.html https://twitter.com/cyb3rops/status/668206883547840512 https://twitter.com/cyb3rops/status/668036522101338112 https://t.co/2JzNSdXnZn https://github.com/michaelmacinnis/oh/blob/master/README.md https://twitter.com/cyb3rops/status/667964461928566784 https://t.co/BzQyAGUzdx https://t.co/oQwjMyj8x5 https://www.christophertruncer.com/introducing-wmi-ops/ https://www.blackhat.com/docs/us-15/materials/us-15-Graeber-Abusing-Windows-Management-Instrumentation-WMI-To-Build-A-Persistent%20Asynchronous-And-Fileless-Backdoor.pdf https://twitter.com/cyb3rops/status/667961959975899138 https://t.co/2SsfWLU1MY http://seclist.us/crackmapexec-v-2-0-codename-i-gotta-change-the-name-of-this-thing-released.html https://twitter.com/cyb3rops/status/667845437001474048 https://t.co/BdmwuAmtMV http://researchcenter.paloaltonetworks.com/2015/11/upatre-old-dog-new-anti-analysis-tricks/ https://twitter.com/cyb3rops/status/667845379300401152 
https://t.co/7O0o7wFpVF http://blog.malwarebytes.org/security-threat/2015/11/vonteera-adware-uses-certificates-to-disable-anti-malware/ https://twitter.com/cyb3rops/status/667777270472396803 https://twitter.com/cyb3rops/status/667777195398569985 https://t.co/MO15afi27c http://arstechnica.com/security/2015/11/truecrypt-is-safer-than-previously-reported-detailed-analysis-concludes/ https://twitter.com/cyb3rops/status/667684855489150976 https://t.co/4V06HYB0GO https://isc.sans.edu/diary.html?storyid=20399&rss https://twitter.com/cyb3rops/status/667682572521119744 https://t.co/bsr966ot2c https://www.virustotal.com/en/file/55d45208e37435847e0083cf9c07afe3a9e544e20ae598b12dea26734bedde98/analysis/ https://twitter.com/cyb3rops/status/667583566809858048 https://t.co/g8ZwWkr2R2 https://nmap.org/7/ https://twitter.com/cyb3rops/status/667581796738052097 https://t.co/0kFzYPN2gj https://isc.sans.edu/diary.html?storyid=20395&rss https://twitter.com/cyb3rops/status/667477177450012672 https://t.co/5CjU0yeKXf http://seclist.us/privesc-is-a-windows-batch-script-that-finds-misconfiguration-issues-which-can-lead-to-privilege-escalation.html https://twitter.com/cyb3rops/status/667477012802572288 https://t.co/Nm5V56qpl1 http://blog.jpcert.or.jp/2015/11/decrypting-strings-in-emdivi.html https://twitter.com/cyb3rops/status/667476926857142272 https://t.co/UQYYOSzVS6 https://securelist.com/analysis/publications/72782/russian-financial-cybercrime-how-it-works/ https://twitter.com/cyb3rops/status/667475465762902016 https://t.co/sr7PQqToh0 http://blog.malwarebytes.org/intelligence/2015/11/no-money-but-pony-from-a-mail-to-a-trojan-horse/ https://twitter.com/cyb3rops/status/667248974752030721 https://t.co/0B9Ey244VE https://twitter.com/albinowax/status/667024590791696385 https://twitter.com/cyb3rops/status/667244906914701312 https://t.co/SWjstQ7i9T http://arstechnica.com/information-technology/2015/11/telegram-encrypted-messaging-service-cracks-down-on-isis-broadcasts/ 
https://twitter.com/cyb3rops/status/667244863365226496 https://t.co/b8zKo9ifNV http://researchcenter.paloaltonetworks.com/2015/11/tdrop2-attacks-suggest-dark-seoul-attackers-return/ https://twitter.com/cyb3rops/status/667237265362575360 https://t.co/w9sa6UWqLo https://github.com/Microsoft/vscode-docs/blob/master/README.md https://twitter.com/cyb3rops/status/667106657353211907 https://t.co/YfK9DRcqB4 http://seclist.us/updates-phpsploit-stealth-post-exploitation-framework.html https://twitter.com/cyb3rops/status/667057507530067969 https://t.co/hE3cHAVe5O http://blog.hackersonlineclub.com/2015/11/how-to-hack-isis-anonymous-publishes.html https://twitter.com/cyb3rops/status/667056742166093824 https://t.co/GM6cToBBxt http://googleprojectzero.blogspot.com/2015/11/windows-sandbox-attack-surface-analysis.html https://twitter.com/cyb3rops/status/667040319532331008 https://t.co/bIaC2cx4Yo https://theintercept.com/2015/11/18/overwhelmed-nsa-surprised-to-discover-its-own-surveillance-goldmine-on-venezuelas-oil-executives/ https://twitter.com/cyb3rops/status/667040044142710786 https://t.co/PY5WmRZXE9 https://nakedsecurity.sophos.com/2015/11/18/gmail-warning-that-email-was-not-sent-through-an-encrypted-connection/?utm_source=Naked%2520Security%2520-%2520Feed&utm_medium=feed&utm_content=rss2&utm_campaign=Feed https://twitter.com/cyb3rops/status/667019134299951105 https://t.co/3AF3SzuBLg https://www.securusglobal.com/community/2013/12/20/dumping-windows-credentials/ https://twitter.com/cyb3rops/status/667016849570308096 https://t.co/upite1XoWm http://resources.infosecinstitute.com/nishang-a-post-exploitation-framework/ https://twitter.com/cyb3rops/status/666961864874696708 https://t.co/HplhfD6hK0 https://securityintelligence.com/a-sha-1-certificate-will-fail-soon/ https://twitter.com/cyb3rops/status/666881044281434112 https://t.co/H0WAzPOdjf https://github.com/docker/dockercraft/blob/master/README.md https://twitter.com/cyb3rops/status/666879532780150784 https://t.co/qesHBQCyXn 
http://seclist.us/java-deserialization-exploit-released.html https://twitter.com/cyb3rops/status/666878451325001728 https://t.co/m9FGikMKhj https://adsecurity.org/?p=2011 https://twitter.com/cyb3rops/status/666748286699773952 https://t.co/Adupr5C7sW https://twitter.com/netbiosX/status/666742147618598912 https://twitter.com/cyb3rops/status/666734315556970496 https://t.co/Vh1t0Kh6tz http://arstechnica.com/information-technology/2015/11/updated-windows-privacy-policy-a-little-more-reassuring/ https://twitter.com/cyb3rops/status/666717489427038213 https://t.co/7sw4csWCtI http://seclist.us/updates-rext-router-exploitation-toolkit.html https://twitter.com/cyb3rops/status/666716558597734401 https://t.co/OsYc8anocQ http://blog.malwarebytes.org/malvertising-2/2015/11/the-casino-malvertising-campaign/ https://twitter.com/cyb3rops/status/666716283447197697 https://t.co/vl9fRUtifR https://blog.torproject.org/blog/nine-questions-about-hidden-services https://twitter.com/cyb3rops/status/666716099497607172 https://t.co/BycUrxfDZ1 https://www.schneier.com/blog/archives/2015/11/on_cisa.html https://twitter.com/cyb3rops/status/666581292839010304 https://t.co/LfdUjjeUx8 http://blog.philippheckel.com/2013/08/04/use-sslsplit-to-transparently-sniff-tls-ssl-connections/ https://twitter.com/cyb3rops/status/666580595162615810 https://t.co/xjJ1tE3wUY http://seclist.us/tekdefense-automater-version-0-21-released-ip-url-and-md5-osint-analysis.html https://twitter.com/cyb3rops/status/666514738793328640 https://t.co/idVYEhubBU http://seclist.us/microsoft-windows-shortcut-lnk-exploit-for-download-execute.html https://twitter.com/cyb3rops/status/666513997278130176 https://t.co/CHqUV4ndbZ http://blogs.technet.com/b/mmpc/archive/2015/11/16/windows-defender-rise-of-the-machine-learning.aspx https://twitter.com/cyb3rops/status/666355810289770498 https://t.co/5TbGQPQLGe https://www.fireeye.com/blog/threat-research/2015/11/flare_ida_pro_script.html https://twitter.com/cyb3rops/status/666355214979584000 
https://t.co/v99DZKAEI9 https://isc.sans.edu/diary.html?storyid=20381&rss https://twitter.com/cyb3rops/status/666297467818872832 https://t.co/WKzmnkyh30 https://hacked.com/paris-attacks-planned-via-playstation-4/ https://twitter.com/cyb3rops/status/666162972549582848 https://t.co/xSOweLEUCn http://seclist.us/poet-v-0-4-5-released-a-simple-post-exploitation-tool.html https://twitter.com/cyb3rops/status/665846100990033920 https://twitter.com/cyb3rops/status/665842161280225281 https://t.co/6XKcmO7swn http://arstechnica.com/security/2015/11/op-ed-how-did-they-break-diffie-hellman/ https://twitter.com/cyb3rops/status/665838674194640897 https://t.co/nZZZSrlQBw https://github.com/coreos/clair/blob/master/README.md https://twitter.com/cyb3rops/status/665837957836873729 https://t.co/Kpe8bOvlGh http://blog.hackersonlineclub.com/2015/11/0d1n-open-source-web-http-fuzzing-tool.html https://twitter.com/cyb3rops/status/665837693897678849 https://t.co/NUo6fi7kRi http://news.softpedia.com/news/police-body-cameras-shipped-with-pre-installed-conficker-virus-496177.shtml https://twitter.com/cyb3rops/status/665717157683179520 https://t.co/mGQaxJYdvq http://bit.ly/1SsKh60 https://twitter.com/cyb3rops/status/665551431357882369 https://t.co/bNs3zMRnsA http://www.theregister.co.uk/2015/11/12/mobile_pwn2own/ https://twitter.com/cyb3rops/status/665550570435035136 https://t.co/hBUab2nCd2 http://researchcenter.paloaltonetworks.com/2015/11/dormant-malicious-code-discovered-on-thousands-of-websites/ https://twitter.com/cyb3rops/status/665230437657235456 https://t.co/16dxGWewvF http://arstechnica.com/tech-policy/2015/11/beware-of-ads-that-use-inaudible-sound-to-link-your-phone-tv-tablet-and-pc/ https://twitter.com/cyb3rops/status/665227910970810372 https://t.co/TBb73v08lT http://krebsonsecurity.com/2015/11/jpmorgan-hackers-breached-anti-fraud-vendor-g2-web-services/ https://twitter.com/cyb3rops/status/665227765470388224 https://t.co/P0BpcX1ENd 
http://googleonlinesecurity.blogspot.com/2015/11/safe-browsing-protection-from-even-more.html https://twitter.com/cyb3rops/status/665125402478776320 https://t.co/Q1d8TW8O5b http://seclist.us/cs465bufferoverflow-is-a-buffer-overflow-attack-script.html https://twitter.com/cyb3rops/status/665099500944547840 https://t.co/rGAWGBEnrb https://www.virustotal.com/en/file/87a5cf414cacd71a3bebf15d92fad087c7e3e8d6517369337cb8d74de2c4b700/analysis/ https://twitter.com/cyb3rops/status/665091889411055616 https://twitter.com/cyb3rops/status/664905469643870208 https://t.co/UBBPCYCJdb http://seclist.us/pycket-is-a-simple-python-packet-sniffer-and-manipulation-tool.html https://twitter.com/cyb3rops/status/664903642802208772 https://t.co/qpa4FN5KKe https://t.co/sP1OSzd9mE http://Libertarianism.org http://www.libertarianism.org/media/free-thoughts-podcast/regulations-gone-wrong https://twitter.com/cyb3rops/status/664885709858320384 https://t.co/lkCr3IV2cu http://resources.infosecinstitute.com/pen-stesting-sap-applications-part-1/ https://twitter.com/cyb3rops/status/664885123771428864 https://t.co/p31SoaDESh http://arstechnica.com/security/2015/11/why-the-attack-on-tor-matters/ https://twitter.com/cyb3rops/status/664871900066222081 https://t.co/CdDVR0rWlj http://pastebin.com/JsB2x8mp https://twitter.com/cyb3rops/status/664864169313878016 https://t.co/jj9HiDRcD3 http://www.team-cymru.org/IP-ASN-mapping.html https://twitter.com/cyb3rops/status/664851828161552384 https://t.co/M58kkVpol1 http://www.brimorlabsblog.com/2015/11/updates-and-new-feature-to-buatapa.html https://twitter.com/cyb3rops/status/664715340165828608 https://t.co/Wn6B3AiIri http://seclist.us/androbugs-framework-android-app-security-vulnerability-scanner.html https://twitter.com/cyb3rops/status/664708897991692289 https://t.co/4EfUQtjoIR http://arstechnica.com/tech-policy/2015/11/tor-director-fbi-paid-carnegie-mellon-1m-to-break-tor-hand-over-ips/ https://twitter.com/cyb3rops/status/664568385011871744 https://t.co/wQNAczo06l 
https://blog.glasswire.com/2015/11/11/monitor-remote-servers-with-glasswire/ https://twitter.com/cyb3rops/status/664531497815310338 https://t.co/Xm84KloXrJ https://dhavalkapil.com/icmptunnel/ https://twitter.com/cyb3rops/status/664529864406470656 https://t.co/PPQZxD5zQI https://www.refactor.io/?ref=producthunt https://twitter.com/cyb3rops/status/664488619047067649 https://t.co/aJYAwGhjDQ https://twitter.com/ochsenmeier/status/664459122121797637 https://twitter.com/cyb3rops/status/664484591986737152 https://t.co/b7ibqNQRdS http://krebsonsecurity.com/2015/11/critical-fixes-for-windows-adobe-flash-player/ https://twitter.com/cyb3rops/status/664484088775053313 https://t.co/3he1j9dS0q https://reaqta.com/2015/11/diving-into-chimera-ransomware/ https://twitter.com/cyb3rops/status/664483815654584320 https://t.co/dMEhb8rsyU http://arstechnica.com/tech-policy/2015/11/the-snoopers-charter-would-devastate-computer-security-research-in-the-uk/ https://twitter.com/cyb3rops/status/664227683270844416 https://t.co/cCNxXP8pCO http://seclist.us/thc-hydra-ipv6-attack-toolkit-v-3-1-dev-released.html https://twitter.com/cyb3rops/status/664057874067415040 https://t.co/VEDIWcqM0D http://www.scmagazine.com/sap-vulnerabilities-plague-hana-require-reconfiguration/article/452602/ https://twitter.com/cyb3rops/status/663772884301672448 https://twitter.com/cyb3rops/status/663767615240806401 https://t.co/z0QsdhkMt4 http://phishme.com/macro-documents-with-xor-encoded-payloads/ https://twitter.com/cyb3rops/status/663765343635116038 https://t.co/S6KNLKvCyb http://blog.checkpoint.com/2015/11/09/rocket-kitten-a-campaign-with-9-lives/ https://twitter.com/cyb3rops/status/663765154929201152 https://t.co/2jiPeH4SEE https://conorpp.com//blog/linx-the-filesharing-server-every-hacker-should-know-about https://twitter.com/cyb3rops/status/663764615508176896 https://t.co/7JZIi0icde http://www.darknet.org.uk/2015/11/0d1n-web-http-fuzzing-tool/ https://twitter.com/cyb3rops/status/663656437265145856 
https://t.co/oj4fw6oLkg http://blog.nibblesec.org/2015/11/fixing-java-serialization-bugs-with.html https://twitter.com/cyb3rops/status/663625124520853504 https://t.co/PusHneBhNE https://twitter.com/blubbfiction/status/663468171723186176 https://twitter.com/cyb3rops/status/663624837764669440 https://t.co/3UnKPodit0 http://www.hexacorn.com/blog/2015/11/08/decrypting-malwarebytes-quar-files/ https://twitter.com/cyb3rops/status/663624299085959168 https://t.co/r1Y75IRK74 http://seclist.us/updates-ratdecoders-v-2015118-python-decoders-for-common-remote-access-trojans.html https://twitter.com/cyb3rops/status/663501293403709440 https://t.co/Gzl2VKF1zo http://www.chiark.greenend.org.uk/~sgtatham/putty/ https://twitter.com/cyb3rops/status/663452558875336705 https://t.co/nNEKrxjuZT http://seclist.us/simpleemail-is-a-email-recon-tool-that-is-fast-and-easy-framework-to-build-on.html https://twitter.com/cyb3rops/status/663275458927190016 https://t.co/ctpEi7d5jr https://juliareda.eu/2015/11/ancillary-copyright-2-0-the-european-commission-is-preparing-a-frontal-attack-on-the-hyperlink/ https://twitter.com/cyb3rops/status/663058202733318144 https://t.co/BjYlNewXla http://pastebin.com/avJLPfMZ https://twitter.com/cyb3rops/status/663028531266461696 https://t.co/5K5ES12TIC https://twitter.com/JacobTorrey/status/662651608992387072 https://twitter.com/cyb3rops/status/662915581675487233 https://t.co/F7LxtZtXp8 http://www.forensickb.com/2015/11/encase-enscript-to-find-files-on-remote.html https://twitter.com/cyb3rops/status/662915441006944256 https://t.co/JQozIJ5THh http://seclist.us/a-simple-buffer-overflow-assignment.html https://twitter.com/cyb3rops/status/662915281329782784 https://t.co/cKwFyCXP58 https://github.com/Tribler/self-compile-Android/blob/master/README.md https://twitter.com/cyb3rops/status/662810427676561409 https://t.co/fe1utLBqrY http://blog.didierstevens.com/2015/11/07/stats-for-analysis-of-an-office-maldoc-with-encrypted-payload-oledump-plugin/ 
https://twitter.com/cyb3rops/status/662732583143256065 https://t.co/8B1R4Wq2H7 http://blog.trendmicro.com/trendlabs-security-intelligence/dridex-down-but-not-out/ https://twitter.com/cyb3rops/status/662732491661271040 https://t.co/8SD7jGF7US http://blog.malwarebytes.org/exploits-2/2015/11/new-malwarebytes-anti-exploit-adds-fingerprinting-detection/ https://twitter.com/cyb3rops/status/662732275537154052 https://t.co/RKvzKdyofM http://arstechnica.com/security/2015/11/microsoft-considers-blocking-sha-1-certificates-after-cost-of-collisions-slashed/ https://twitter.com/cyb3rops/status/662731957084684289 https://t.co/sWxPnIFWzy https://blogs.mcafee.com/mcafee-labs/beware-rapid-proliferation-cyber-warfare-capabilities/ https://twitter.com/cyb3rops/status/662731821247954944 https://t.co/DDBymCha4J http://seclist.us/medusa-v2-2_rc3-released-is-a-speedy-parallel-and-modular-login-brute-forcer.html https://twitter.com/cyb3rops/status/662708944402382852 https://t.co/prcLcr5S4R http://www.shellntel.com/blog/2015/6/11/dragon-a-windows-non-binding-passive-downloadexec-backdoor https://twitter.com/cyb3rops/status/662681242056450048 https://t.co/4Ww20aXcmQ http://volatility-labs.blogspot.com/2015/11/plugx-memory-forensics-lifecycle-with.html https://twitter.com/cyb3rops/status/662647426315079681 https://t.co/SnCwTh6Z3p http://www.welivesecurity.com/2015/11/06/protonmail-hit-another-ddos-attack/ https://twitter.com/cyb3rops/status/662561877063503873 https://t.co/GTs4wHgmWm http://blog.hackersonlineclub.com/2015/11/akamai-reflective-ddos-tool.html https://twitter.com/cyb3rops/status/662560941616295937 https://t.co/Eafjr4eR3G https://blog.avast.com/2015/11/05/droidjack-isnt-the-only-spying-software-out-there-avast-discovers-that-omnirat-is-currently-being-used-and-spread-by-criminals-to-gain-full-remote-control-of-devices/ https://twitter.com/cyb3rops/status/662548616544956416 https://t.co/j1JE3hD6Sz https://t.co/CkVZ0u95II https://www.youtube.com/watch?v=FPKU8eeun5A 
https://www.youtube.com/watch?v=3UZ3Afm5hO4 https://twitter.com/cyb3rops/status/662401247455150086 https://t.co/y3HGUrhEaW http://www.fireeye.com/blog/threat-research/2015/10/shim_shady_live_inv.html https://twitter.com/cyb3rops/status/662356938878009344 https://t.co/s2J8Et1HKq http://baesystemsai.blogspot.com/2015/11/peering-into-dyres-traffic.html https://twitter.com/cyb3rops/status/662356046783127556 https://t.co/WCnSTpM36L http://holisticinfosec.blogspot.com/2015/11/toolsmith110-sysinternals-vs-kryptic.html https://twitter.com/cyb3rops/status/662355857276030976 https://t.co/eBYyREeXP5 http://blog.talosintel.com/2015/11/tech-support-scammers.html https://twitter.com/cyb3rops/status/662355580674265088 https://t.co/p6IzD0Mze5 http://www.hexacorn.com/blog/2015/11/05/java-and-oracle_jre_usage-folder/ https://twitter.com/cyb3rops/status/662296396431826944 https://twitter.com/cyb3rops/status/662291153333653505 https://t.co/Qa8YWoFJJS https://cyberarms.wordpress.com/2015/11/05/easy-remote-shells-with-web-delivery/ https://twitter.com/cyb3rops/status/662235327222915072 https://twitter.com/cyb3rops/status/662217942168444928 https://t.co/w7mfZiFjx6 https://t.co/bOOHusJvPB https://www.eff.org/deeplinks/2015/10/how-to-protect-yourself-from-nsa-attacks-1024-bit-DH http://pastebin.com/Q93Ttq0v https://twitter.com/cyb3rops/status/662210969221931008 https://t.co/jIPQSPO7Eo https://twitter.com/davecheney/status/662150143332892672 https://twitter.com/cyb3rops/status/662206927707967489 https://twitter.com/cyb3rops/status/661985182434631680 https://t.co/zLRMpRicRG http://blog.checkpoint.com/2015/11/04/offline-ransomware-encrypts-your-data-without-cc-communication/ https://twitter.com/cyb3rops/status/661984403757907968 https://t.co/ydiHzs16eD http://arstechnica.com/security/2015/11/user-data-plundering-by-android-and-ios-apps-is-as-rampant-as-you-suspected/ https://twitter.com/cyb3rops/status/661983924458008576 https://t.co/UUTM207DxK 
http://seclist.us/oscarf-oscar-open-source-collection-of-osint-data-and-recon-framework.html https://twitter.com/cyb3rops/status/661947922796437505 https://t.co/Fk5TKiadQM http://cryptosith.org/michael/data/talks/2015-04-28-UWNumberTheorySeminar.pdf https://twitter.com/cyb3rops/status/661941125306011649 https://twitter.com/cyb3rops/status/661802911584899072 https://t.co/MRPSxgLoE3 http://blog.hackersonlineclub.com/2015/11/tutorial-xssf-in-metasploit.html https://twitter.com/cyb3rops/status/661802760791265280 https://t.co/6beiZfZAan http://arstechnica.com/security/2015/11/vbulletin-password-hack-fuels-fears-of-serious-internet-wide-0-day-attacks/ https://twitter.com/cyb3rops/status/661638973606002688 https://t.co/zw5NRBHuwi http://seclist.us/bluto-v-1-1-6-released-dns-recon-brute-forcer-dns-zone-transfer.html https://twitter.com/cyb3rops/status/661638852558368773 https://t.co/BAPT9EMne9 http://research.zscaler.com/2015/11/chinese-government-website-compromised.html https://twitter.com/cyb3rops/status/661638811735171072 https://t.co/bw9Z42o1Kv https://blog.torproject.org/blog/tails-17-out https://twitter.com/cyb3rops/status/661593928563621888 https://t.co/dhqwPzGvoq https://isc.sans.edu/diary.html?storyid=20331&rss https://twitter.com/cyb3rops/status/661593452803727360 https://t.co/JndncElGeF http://www.fireeye.com/blog/threat-research/2015/11/xcodeghost_s_a_new.html https://twitter.com/cyb3rops/status/661593371144794112 https://t.co/08cfGI31EI http://blog.trendmicro.com/trendlabs-security-intelligence/angler-and-nuclear-exploit-kits-integrate-pawn-storm-flash-exploit/ https://twitter.com/cyb3rops/status/661443385971097600 https://t.co/WZkaAaxir9 http://www.ehacking.net/2015/11/android-fixes-critical-vulnerabilities.html https://twitter.com/cyb3rops/status/661315844669112321 https://t.co/OXsHt1LaCV 
http://arstechnica.com/information-technology/2015/11/how-a-group-of-neighbors-created-their-own-internet-service/?utm_content=23087173&utm_medium=social&utm_source=facebook https://twitter.com/cyb3rops/status/661292787153899521 https://t.co/0LsF5E7a9h http://www.darknet.org.uk/2015/11/scumblr-by-netflix-automatically-scan-for-leaks/ https://twitter.com/cyb3rops/status/661291856240754688 https://t.co/RaQCFfke0o http://arstechnica.com/security/2015/11/hacking-tool-swipes-encrypted-credentials-from-password-manager/ https://twitter.com/cyb3rops/status/661291113916047360 https://t.co/vVTCXImhhy http://blog.malwarebytes.org/news/2015/11/has-macupdate-fallen-to-the-adware-plague/ https://twitter.com/cyb3rops/status/661291038129192960 https://t.co/Vyn8nxovQ8 http://googleprojectzero.blogspot.com/2015/11/hack-galaxy-hunting-bugs-in-samsung.html https://twitter.com/cyb3rops/status/661175291058987008 https://t.co/vq4v5Y1ctx http://resources.infosecinstitute.com/how-much-is-a-zero-day-exploit-for-an-scadaics-system/ https://twitter.com/cyb3rops/status/660963950562013184 https://twitter.com/cyb3rops/status/660925617676886020 https://t.co/1uqBgPTfEp http://seclist.us/denial-of-service-attacks-on-host-based-generic-unpackers.html https://twitter.com/cyb3rops/status/660861726007631872 https://t.co/2DfWbm82In http://www.greyhathacker.net/?p=738 https://twitter.com/cyb3rops/status/660861546432765953 https://t.co/ZNOXJnclbu https://github.com/aus-der-Technik/CCC-TV https://twitter.com/cyb3rops/status/660612298277564417 https://t.co/zZK0wjGZ0y http://seclist.us/cartero-v10-9-15-a-robust-phishing-framework-with-a-full-featured-cli-interface.html https://twitter.com/cyb3rops/status/660606105484066816 https://t.co/OfmqGS5CHa https://t.co/VMcy2i7wHR http://pastebin.com/JRVBxXNe https://github.com/Neo23x0/Loki/blob/master/signatures/crime_shifu_trojan.yar https://twitter.com/cyb3rops/status/660540471400247296 https://t.co/0zIaLN6mOK https://github.com/eliben/pyelftools 
https://twitter.com/cyb3rops/status/660502268823867392 https://t.co/EtwEpvRr3f https://github.com/ctxis/wsuspect-proxy/blob/master/README.md https://twitter.com/cyb3rops/status/660500419584638976 https://twitter.com/cyb3rops/status/660459465335029760 https://t.co/ovvqfNEjpi https://github.com/Microsoft/microsoft-pdb https://twitter.com/cyb3rops/status/660459069715689472 https://t.co/u0iDxVf1fH http://arstechnica.com/security/2015/10/how-to-use-tor-messenger-the-most-secure-chat-program-around/ https://twitter.com/cyb3rops/status/660422850562551808 https://twitter.com/cyb3rops/status/660248315129372672 https://t.co/5ylTfmTKDU http://www.hecfblog.com/2015/10/presenting-elastichandler-osdfcon-2015.html https://twitter.com/cyb3rops/status/660247365882900480 https://t.co/Db3m9lXmoZ http://seclist.us/tap-v1-1-1-released-is-a-remote-penetration-testing-platform-builder.html https://twitter.com/cyb3rops/status/660247029550063616 https://t.co/0A7ZcL1AP3 https://blog.malwarebytes.org/exploits-2/2015/10/recent-flash-zero-day-now-part-of-exploit-kits/?utm_source=facebook&utm_medium=social https://twitter.com/cyb3rops/status/660159062391316480 https://t.co/hHlVi9VASp http://seclist.us/androidpincrack-bruteforce-the-android-passcode-given-the-hash-and-salt.html https://twitter.com/cyb3rops/status/660159018611142656 https://t.co/JbYVj8cG7h http://www.darknet.org.uk/2015/10/damm-differential-analysis-of-malware-in-memory/ https://twitter.com/cyb3rops/status/660158818857443328 https://t.co/rvxFXoLU7e http://arstechnica.com/security/2015/10/dont-count-on-starttls-to-automatically-encrypt-your-sensitive-e-mails/ https://twitter.com/cyb3rops/status/660087566226493441 https://twitter.com/cyb3rops/status/659994902063923200 https://t.co/6njENAbXIG http://seclists.org/fulldisclosure/2015/Oct/106 https://twitter.com/cyb3rops/status/659994634580570112 https://t.co/TmFxWYNqmJ http://seclists.org/fulldisclosure/2015/Oct/109 https://twitter.com/cyb3rops/status/659861672597839872 
https://t.co/nHPIHiMBm8 https://hacked.com/the-biggest-ever-u-s-healthcare-hack-wasnt-for-sinister-needs/ https://twitter.com/cyb3rops/status/659810691252150273 https://t.co/XOQUm8mz9G http://www.hexacorn.com/blog/2015/10/29/autoit3-nested-dolls/ https://twitter.com/cyb3rops/status/659810450792542212 https://t.co/26j3GTlgTY http://arstechnica.com/security/2015/10/xen-patches-7-year-old-bug-that-shattered-hypervisor-security/ https://twitter.com/cyb3rops/status/659810366801780740 https://t.co/7W20WVFGlN http://www.harmj0y.net/blog/empire/empire-1-3/ https://twitter.com/cyb3rops/status/659810107048534016 https://t.co/DRW1AVnUsP http://blog.hackersonlineclub.com/2015/10/tor-released-beta-messenger-cross.html https://twitter.com/cyb3rops/status/659775706751238144 https://t.co/Z4GTtAc8Zi https://github.com/SekoiaLab/Fastir_Collector https://twitter.com/cyb3rops/status/659727754099892224 https://t.co/4mNSJ3Dq1Y https://github.com/google/yapf https://twitter.com/cyb3rops/status/659675292059967489 https://twitter.com/cyb3rops/status/659498398555344896 https://t.co/p95xKGhWtx http://git2go.com/ https://twitter.com/cyb3rops/status/659455190706311168 https://t.co/4Eo5A6rq0W http://h30499.www3.hp.com/t5/Security-Research/Reflected-File-Download-in-Spring-MVC/ba-p/6806008 https://twitter.com/cyb3rops/status/659453685253173248 https://t.co/q8kwT3dI67 http://www.darknet.org.uk/2015/10/fbi-recommends-crypto-ransomware-victims-just-pay/ https://twitter.com/cyb3rops/status/659453479031844864 https://t.co/jR1L5oE3IG http://arstechnica.com/security/2015/10/13-million-plaintext-passwords-belonging-to-webhost-users-leaked-online/ https://twitter.com/cyb3rops/status/659453431455813632 https://t.co/8y7yF8CZib http://blog.malwarebytes.org/privacy-2/2015/10/leaving-laptops-in-hotel-rooms-a-bad-idea/ https://twitter.com/cyb3rops/status/659453330729672705 https://t.co/GbzoCOuaS9 https://www.schneier.com/blog/archives/2015/10/why_is_the_nsa_.html 
https://twitter.com/cyb3rops/status/659378803928645633 https://t.co/Rzk4FRVsXf http://positon.org/an-outgoing-port-tester https://twitter.com/cyb3rops/status/659339954166865920 https://t.co/J21ZRDPAfY http://www.kitploit.com/2015/10/xpl-search-search-exploits-in-multiple.html https://twitter.com/cyb3rops/status/659339912383242240 https://t.co/XK6LZvfXoO https://community.rapid7.com/community/appspider/blog/2015/10/26/mobile-application-security-lock-the-back-door https://twitter.com/cyb3rops/status/659339804195356672 https://t.co/sOGZ5LVD1z https://community.rapid7.com/community/appspider/blog/2015/10/27/eight-reasons-why-sql-injection-vulnerabilities-still-exist-a-developer-s-perspective https://twitter.com/cyb3rops/status/659149428679421953 https://t.co/9UcUuOiwN8 http://www.oo-software.com/en/shutup10 https://twitter.com/cyb3rops/status/659107600194252801 https://t.co/W2L1URxbd1 https://www.trustwave.com/Resources/SpiderLabs-Blog/About-Lenovo-System-Update-Vulnerabilities-and-CVE-2015-6971/ https://twitter.com/cyb3rops/status/659107510612283392 https://t.co/q5Dw9qPLL3 http://seclist.us/simple-rootkit-written-in-c.html https://twitter.com/cyb3rops/status/659107416227913728 https://t.co/vRJFfD0VnL http://arstechnica.com/security/2015/10/unpatched-browser-weaknesses-can-be-exploited-to-track-millions-of-web-users/ https://twitter.com/cyb3rops/status/659020939854770178 https://t.co/bGvQqM0qmN https://t.co/Vs5TAl19yi https://www.virustotal.com/en/file/e46b038a1e735c4bf9aab5b8610ff38fa19670daf0bace985511acfc3a497459/analysis/ https://malwr.com/analysis/ZTlkMjY5YjI4MTAzNDk3ZmEyNGFkYWRkYjVhNzBlYzc/ https://twitter.com/cyb3rops/status/658966183199293440 https://t.co/HTzhuw9uma https://github.com/armbues/ioc_parser https://twitter.com/cyb3rops/status/658956335288053760 https://t.co/zeFg340Yvn http://www.howtogeek.com/228551/how-to-stop-windows-7-or-8-from-downloading-windows-10-automatically/ https://twitter.com/cyb3rops/status/658749835814772736 https://t.co/wB0dzyCpNy 
http://blog.malwarebytes.org/mac/2015/10/is-mac-malware-on-the-rise/ https://twitter.com/cyb3rops/status/658749746895527936 https://t.co/72v5RNVGEe http://blog.malwarebytes.org/mobile-2/2015/10/the-art-of-data-wiping-on-mobile-devices/ https://twitter.com/cyb3rops/status/658700794632519680 https://t.co/MgbgSA69OJ http://blog.gdssecurity.com/labs/2015/10/26/exploiting-padding-oracle-to-gain-encryption-keys.html https://twitter.com/cyb3rops/status/658700474275774464 https://t.co/q9vGq8Rmbu https://github.com/jgrahamc/webwatch https://twitter.com/cyb3rops/status/658581144439496704 https://t.co/CEhDPNFvcZ https://github.com/n1nj4sec/memorpy https://twitter.com/cyb3rops/status/658492913094172672 https://t.co/KKutM5ys7S http://seclist.us/netool-sh-v-4-5-2-released-mitm-pentesting-opensource-t00lkit.html https://twitter.com/cyb3rops/status/658407508797739008 https://t.co/Ja5l7m5utV https://github.com/eBay/fabio https://twitter.com/cyb3rops/status/658402247647371264 https://t.co/zpZIW2mo9q https://www.opsdash.com/?ref=producthunt https://twitter.com/cyb3rops/status/658398186822873088 https://t.co/oBa8hWgiET https://twitter.com/nickgillespie/status/658342608742260736 https://twitter.com/cyb3rops/status/658352730944249857 https://t.co/YEcA4sxBmi http://arstechnica.com/business/2015/10/this-11-year-old-is-selling-cryptographically-secure-passwords-for-2-each/ https://twitter.com/cyb3rops/status/658352560089223170 https://t.co/8SwJWQ084Y http://seclist.us/spiderfoot-v2-6-0-released-is-an-open-source-footprinting-and-intelligence-automation-tool.html https://twitter.com/cyb3rops/status/658214184111489024 https://t.co/eRz0p9mFR3 https://t.co/bciyYdcblE https://www.virustotal.com/en/file/858726381c91627674594a2210ea1cc382143deece99b3aaceec8ab100bf01ea/analysis/ https://www.hybrid-analysis.com/my-submissions/vx_562b6e9c06fa59.84227832 https://twitter.com/cyb3rops/status/658213129340481536 https://twitter.com/cyb3rops/status/658210678713556992 https://t.co/cnpkvO6eW9 
https://hacked.com/doj-still-determined-force-apple-decrypt/ https://twitter.com/cyb3rops/status/657819313668276224 https://t.co/fvBz1zHFJg http://seclist.us/backsniffer-is-a-covert-communication-suite-that-allows-communication-between-an-attacker-a-backdoor-application.html https://twitter.com/cyb3rops/status/657651351460139008 https://t.co/ukwd6kVW6L http://blog.cloudflare.com/results-experimenting-brotli/ https://twitter.com/cyb3rops/status/657649421266636800 https://t.co/DnIFk2sYc6 https://www.dsinternals.com/en/update-on-the-azure-active-directory-password-sync-security-analysis/ https://twitter.com/cyb3rops/status/657607102958030848 https://t.co/GHuypDxAEU https://isc.sans.edu/diary.html?storyid=20295&rss https://twitter.com/cyb3rops/status/657604221005668353 https://twitter.com/cyb3rops/status/657563776061984768 https://t.co/7hzFjGJuT1 https://nakedsecurity.sophos.com/2015/10/23/check-your-facebook-settings-to-make-sure-your-posts-arent-searchable/?utm_source=Naked%2520Security%2520-%2520Feed&utm_medium=feed&utm_content=rss2&utm_campaign=Feed https://twitter.com/cyb3rops/status/657563494204731392 https://t.co/XrhnSY7nsn http://flemmingriis.com/get-adhashdump/ https://twitter.com/cyb3rops/status/657563157557284864 https://t.co/wHfowuzxp8 https://securelist.com/blog/research/72473/on-the-trail-of-stagefright-2/ https://twitter.com/cyb3rops/status/657518424877375488 https://twitter.com/cyb3rops/status/657515361705836544 https://t.co/YIAuETF5JO https://nakedsecurity.sophos.com/2015/10/23/apple-closes-a-raft-of-drive-by-download-holes-in-os-x-and-ios/?utm_source=Naked%2520Security%2520-%2520Feed&utm_medium=feed&utm_content=rss2&utm_campaign=Feed https://twitter.com/cyb3rops/status/657336725493170176 https://t.co/nmcANu6VC0 http://arstechnica.com/security/2015/10/nsa-advisory-sparks-concern-of-secret-advance-ushering-in-cryptoapocalypse/ https://twitter.com/cyb3rops/status/657336463009411072 https://t.co/HLx1l058kK 
https://blogs.mcafee.com/mcafee-labs/update-to-gate-worm-file-infector-hijacks-files/ https://twitter.com/cyb3rops/status/657321384293572608 https://t.co/YUZVbqVtNJ http://blog.trendmicro.com/trendlabs-security-intelligence/pawn-storm-targets-mh17-investigation-team/ https://twitter.com/cyb3rops/status/657321273266147329 https://t.co/8xf6BeTRdT http://blog.malwarebytes.org/intelligence/2015/10/beware-of-doc-a-look-on-malicious-macros/ https://twitter.com/cyb3rops/status/657321100834185221 https://t.co/pcSbvdTRUb http://www.net-security.org/secworld.php?id=18995 https://twitter.com/cyb3rops/status/657253324010496000 https://t.co/6pQMOPqJHU https://nakedsecurity.sophos.com/2015/10/22/us-navy-renews-training-in-celestial-navigation-over-gps-hack-fears/?utm_source=Naked%2520Security%2520-%2520Feed&utm_medium=feed&utm_content=rss2&utm_campaign=Feed https://twitter.com/cyb3rops/status/657212970473254912 https://t.co/YRbf2SRQO5 http://seclist.us/cloudget-v0-72-released-python-script-to-bypass-cloudflare-from-command-line.html https://twitter.com/cyb3rops/status/657140146157047808 https://t.co/2pnOyWD8SW http://www.net-security.org/secworld.php?id=19009 https://twitter.com/cyb3rops/status/657084292930105344 https://t.co/eoCB4cvx1t http://arstechnica.com/security/2015/10/new-attacks-on-network-time-protocol-can-defeat-https-and-create-chaos/ https://twitter.com/cyb3rops/status/657084037098524672 https://t.co/ne1LER6jkP http://researchcenter.paloaltonetworks.com/2015/10/chinese-taomike-monetization-library-steals-sms-messages/ https://twitter.com/cyb3rops/status/657082600801091584 https://t.co/ZAcyAy1zay http://informationonsecurity.blogspot.co.at/2015/10/automating-forensic-artifact-collection.html?m=1 https://twitter.com/cyb3rops/status/656969480594137089 https://t.co/cltjJb5ylu https://t.co/Hj1Zqfq5pM http://ly0n.me/2015/10/21/uploading-files-to-compromised-systems/ https://twitter.com/ly0nx/status/656947434065670144 https://twitter.com/cyb3rops/status/656904492789714944 
https://t.co/guiDqvxOrl https://nakedsecurity.sophos.com/2015/10/21/apple-tells-judge-its-impossible-to-unlock-a-device-running-ios-8-or-higher/?utm_source=Naked%2520Security%2520-%2520Feed&utm_medium=feed&utm_content=rss2&utm_campaign=Feed https://twitter.com/cyb3rops/status/656903583447826432 https://t.co/fBWMg4I920 http://h30499.www3.hp.com/t5/Security-Research-Blog/There-s-no-place-like-1-Malware-for-the-masses/ba-p/6803498 https://twitter.com/cyb3rops/status/656850846278361088 https://t.co/3YUh0xmdFZ http://blog.malwarebytes.org/malvertising-2/2015/10/kampagnen-malvertising-campaign-goes-after-german-users/ https://twitter.com/cyb3rops/status/656850450130554880 https://t.co/KgEcF7xowR http://www.net-security.org/secworld.php?id=19006 https://twitter.com/cyb3rops/status/656744033327300608 https://twitter.com/cyb3rops/status/656734893200642048 https://t.co/L9icemA5Uz https://twitter.com/gN3mes1s/status/656561662024142855 https://twitter.com/cyb3rops/status/656729238448410625 https://t.co/28qmH7uWwq https://t.co/xlTvWpjBdJ https://blogs.rsa.com/terracotta-vpn-enabler-of-advanced-threat-anonymity/ https://www.virustotal.com/en/file/1169c49ee28fb03b02fa28d05b114ef25a5d8283ba00bc87afc635be83c1e538/analysis/ https://twitter.com/cyb3rops/status/656726056372539392 https://t.co/Ugi4UO3Ytr https://github.com/8u1a/plyara https://twitter.com/cyb3rops/status/656720502573019136 https://t.co/5EcWhLrmRY http://blog.talosintel.com/2015/10/dangerous-clipboard.html?m=1 https://twitter.com/cyb3rops/status/656719829752152065 https://t.co/FGwRBz9r4F http://seclist.us/shellshock-py-a-python-script-to-attack-a-host-with-a-shellshock-vulnerability.html https://twitter.com/cyb3rops/status/656555505180131328 https://t.co/mPeltfUw84 http://h30499.www3.hp.com/t5/Security-Research/PDB-Type-Theft/ba-p/6801065 https://twitter.com/cyb3rops/status/656471920423120896 https://t.co/dEXR3e3t33 http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html 
https://twitter.com/cyb3rops/status/656422675376644096 https://t.co/EkFakHE5N2 https://letsencrypt.org/2015/10/19/lets-encrypt-is-trusted.html https://twitter.com/cyb3rops/status/656391902149783552 https://t.co/qCFJmryC9k http://blog.trendmicro.com/trendlabs-security-intelligence/new-adobe-flash-zero-day-used-in-pawn-storm-campaign/ https://twitter.com/cyb3rops/status/656383903654092800 https://t.co/uzVIQ075tk http://arstechnica.com/security/2015/10/security-firm-report-china-may-already-breaking-agreement-on-hacking/ https://twitter.com/cyb3rops/status/656383476900495360 https://t.co/HOIxDooPIP http://blog.malwarebytes.org/intelligence/2015/10/unpacking-fraudulent-fax-dyreza-malware-from-spam/ https://twitter.com/cyb3rops/status/656382950968311808 https://t.co/xDfZMyvTY9 http://arstechnica.com/tech-policy/2015/10/hacker-releases-new-purported-personal-data-for-top-cia-dhs-officials/ https://twitter.com/cyb3rops/status/656382858618085376 https://t.co/7uEGfi8vPK http://www.kitploit.com/2015/10/rubocop-ruby-static-code-analyzer-based.html https://twitter.com/cyb3rops/status/655927043578707968 http://t.co/BIUeJ7a0Mv http://www.kitploit.com/2015/10/thefuck-magnificent-app-which-corrects.html https://twitter.com/cyb3rops/status/655926862841933824 http://t.co/QDh4QA2oC3 http://blog.malwarebytes.org/exploits-2/2015/10/new-neutrino-ek-campaign-drops-andromeda/ https://twitter.com/cyb3rops/status/655824252990451712 http://t.co/Q1RU2qD83l http://hyperboria.net/ https://twitter.com/cyb3rops/status/655725120044929024 http://t.co/XdGNrri9KF http://seclist.us/bettercap-v1-1-5-released-a-complete-modular-portable-and-easily-extensible-mitm-framework.html https://twitter.com/cyb3rops/status/655630104136052737 http://t.co/eYfa6P49FD http://conorpp.com//blog/a-close-look-at-an-operating-botnet https://twitter.com/cyb3rops/status/655630002491289601 http://t.co/N4SsvJIMrR http://seclist.us/cryptbackdoor-windows-crypt-api-hook-to-generate-weak.html 
https://twitter.com/cyb3rops/status/655576932193406976 http://t.co/DQIdRDPNCD http://conorpp.com//blog/using-a-docker-container-to-log-into-irc-via-tor https://twitter.com/cyb3rops/status/655536346681884672 http://t.co/8Lm3yPMlbI http://www.fuzzysecurity.com/tutorials/16.html https://twitter.com/cyb3rops/status/655535190664544256 http://t.co/dW9S0ynzhr http://www.powershellempire.com/?page_id=378 https://twitter.com/cyb3rops/status/655443780628185088 https://t.co/ioeWp4EJ8s https://www.bsk-consulting.de/2015/10/17/how-to-write-simple-but-sound-yara-rules-part-2/ https://twitter.com/cyb3rops/status/655374205081378817 http://t.co/wNWeYmdg01 http://blog.crowdstrike.com/blurring-of-commodity-and-targeted-attack-malware/ https://twitter.com/cyb3rops/status/655372730166984705 http://t.co/LOBsmu7FUC http://seclists.org/fulldisclosure/2015/Oct/77 https://twitter.com/cyb3rops/status/655372450100744192 http://t.co/VDsZV6LaeO http://www.secureworks.com/cyber-threat-intelligence/threats/dridex-bugat-v5-botnet-takeover-operation/ https://twitter.com/cyb3rops/status/655255160038359040 http://t.co/iIKqStoShk http://www.wired.com/2015/10/fed-drone-registration/ https://twitter.com/cyb3rops/status/655232088459755520 https://t.co/OrqPP4t9A1 https://github.com/pentestmonkey/windows-privesc-check https://twitter.com/cyb3rops/status/655215299176742913 http://t.co/9kAz5concH http://www.kitploit.com/2015/10/b374k-php-webshell-with-handy-features.html https://twitter.com/cyb3rops/status/655214998675853312 https://t.co/qDqs7NVukw https://code.google.com/p/google-security-research/issues/detail?id=547 https://twitter.com/cyb3rops/status/655213420401131520 http://t.co/Af2JytNtOY http://blog.malwarebytes.org/online-security/2015/10/efast-browser-hijacks-file-associations/ https://twitter.com/cyb3rops/status/655213373869522944 http://t.co/mExTXezHSM http://researchcenter.paloaltonetworks.com/2015/10/surveillance-malware-trends-tracking-predator-pain-and-hawkeye/ 
https://twitter.com/cyb3rops/status/655212970700484608 http://t.co/oAKlnuk0do http://seclist.us/od1n-is-a-tool-to-designed-for-bruteforcing-fuzzing-web-applications.html https://twitter.com/cyb3rops/status/655108488981557248 https://twitter.com/cyb3rops/status/655079930384900096 https://t.co/fe3yszftRv https://thehackernews.com/2015/09/how-to-windows-10.html https://twitter.com/cyb3rops/status/655078009712459776 https://t.co/ae0vSQkrhd https://swannysec.github.io/2015/10/10/building-an-analysis-toolkit.html https://twitter.com/cyb3rops/status/655018447684833281 http://t.co/DYhD4k7H1M http://www.net-security.org/secworld.php?id=18989 https://twitter.com/cyb3rops/status/655018375391809540 https://t.co/xcf8rRAXEW https://www.schneier.com/blog/archives/2015/10/breaking_diffie.html https://twitter.com/cyb3rops/status/654798147156217860 http://t.co/OJgRYG53XZ http://researchcenter.paloaltonetworks.com/2015/10/connecting-the-dots-in-cyber-threat-campaigns-part-1-domain-name-whois-information/ https://twitter.com/cyb3rops/status/654680400925618176 http://t.co/h988mXM2Z1 http://www.net-security.org/secworld.php?id=18982 https://twitter.com/cyb3rops/status/654680268406558720 https://t.co/GpBFLy6ub7 https://danielmiessler.com/blog/a-theory-on-how-the-nsa-can-decrypt-some-public-traffic/ https://twitter.com/cyb3rops/status/654680191650803715 https://t.co/BB6Uago44R https://nakedsecurity.sophos.com/2015/10/15/dridex-botnet-taken-down-multi-million-bank-fraud-suspect-arrested/?utm_source=Naked%2520Security%2520-%2520Feed&utm_medium=feed&utm_content=rss2&utm_campaign=Feed https://twitter.com/cyb3rops/status/654505716489687040 https://t.co/ei4CPrKJtm https://adsecurity.org/?p=1684 https://twitter.com/cyb3rops/status/654505537472561156 https://t.co/quQqYFJ1Qa https://n0where.net/ransomware-crypter-kit-eda2/ https://twitter.com/cyb3rops/status/654459305656250368 http://t.co/6VMa3JQBdY http://blog.malwarebytes.org/online-security/2015/10/stolen-7-zip-bundled-with-adware/ 
https://twitter.com/cyb3rops/status/654458988814278656 http://t.co/1mjBNQDk93 http://secureornot.blogspot.de/2015/03/gopro-update-mechanism-exposes-multiple.html?m=1 https://twitter.com/cyb3rops/status/654458447258353664 http://t.co/wJDEPQymGr http://seclist.us/spraywmi-is-a-method-for-mass-spraying-unicorn-powershell-injection-to-cidr-notations.html https://twitter.com/cyb3rops/status/654458108375367680 https://t.co/tV29GfhiIh https://danielmiessler.com/blog/understanding-the-blockchain/ https://twitter.com/cyb3rops/status/654301484566220800 http://t.co/faHc4553LQ http://justhaifei1.blogspot.com/2015/10/watch-your-downloads-risk-of-auto.html?m=1 https://twitter.com/cyb3rops/status/654300470387720192 http://t.co/yePnkynFA9 http://articles.forensicfocus.com/2015/10/14/microsoft-edge-browser-forensics-exploring-project-spartan/ https://twitter.com/cyb3rops/status/654300348492877825 http://t.co/WJVsBuwNp5 http://securityaffairs.co/wordpress/41044/cyber-crime/fin5-hacked-a-casino.html https://twitter.com/cyb3rops/status/654299470494994432 http://t.co/XVzMEmmnfi http://seclist.us/the-backdoor-factory-bdf-v-3-2-0-released-patch-pe-elf-mach-o-binaries-with-shellcode.html https://twitter.com/cyb3rops/status/654299143976849408 http://t.co/yrBLmnVYlv http://researchcenter.paloaltonetworks.com/2015/10/the-cybersecurity-canon-data-and-goliath-the-hidden-battles-to-collect-your-data-and-control-your-world/ https://twitter.com/cyb3rops/status/654108908450017280 http://t.co/P05DsMlTAC http://arstechnica.com/security/2015/10/new-zero-day-exploit-hits-fully-patched-adobe-flash/ https://twitter.com/cyb3rops/status/654108729302888449 http://t.co/EKxj41ygHv http://www.forensicfocus.com/News/article/sid=2520/ https://twitter.com/cyb3rops/status/654108585895456768 http://t.co/XCMizkEWVo http://blog.checkpoint.com/2015/10/09/israeli-public-sector-targeted-by-zeus-trojan-hidden-in-a-word-document/ https://twitter.com/cyb3rops/status/654108349370253312 http://t.co/cZizHkmGfU 
http://www.harmj0y.net/blog/redteaming/powerview-2-0/ https://twitter.com/cyb3rops/status/654107443002146816 http://t.co/rmWa7LCSOb http://arstechnica.com/security/2015/10/university-of-cambridge-study-finds-87-of-android-devices-are-insecure/ https://twitter.com/cyb3rops/status/654107148691968000 http://t.co/qeZDlzdNLL http://krebsonsecurity.com/2015/10/hacker-who-sent-me-heroin-faces-charges-in-u-s/ https://twitter.com/cyb3rops/status/654086722377097216 https://t.co/PPGEMAsZat http://t.co/1fgzfb6Yxw https://t.co/R5YRE7awIG https://weankor.vxstream-sandbox.com/my-submissions/vx_561d4c1085ad49.31763389 http://pastebin.com/hN6inBbJ https://github.com/Neo23x0/Loki/blob/master/signatures/crime_upatre_oct15.yar https://twitter.com/cyb3rops/status/654078031804264448 https://twitter.com/cyb3rops/status/654076995014365184 https://twitter.com/cyb3rops/status/654036992536121345 https://t.co/OHl7YKqvdM https://portswigger.net/bappstore/ https://twitter.com/cyb3rops/status/654018241937825792 http://t.co/Vq7uY0fteY http://hackersonlineclub.tradepub.com/free/w_sym241/?p=w_sym241 https://twitter.com/cyb3rops/status/654017411151106048 http://t.co/qCFJmryC9k http://blog.trendmicro.com/trendlabs-security-intelligence/new-adobe-flash-zero-day-used-in-pawn-storm-campaign/ https://twitter.com/cyb3rops/status/654016421609930752 https://twitter.com/cyb3rops/status/654011442476134400 https://twitter.com/cyb3rops/status/654011386486394880 https://twitter.com/cyb3rops/status/654009834996568064 https://twitter.com/cyb3rops/status/654007404649050112 https://t.co/AD9RulWrKZ https://github.com/skavanagh/KeyBox https://twitter.com/cyb3rops/status/654005368079577088 https://t.co/WcmGxaFjQc https://nakedsecurity.sophos.com/2015/10/13/china-arrests-hackers-to-appease-us-on-cyberespionage/?utm_source=Naked%2520Security%2520-%2520Feed&utm_medium=feed&utm_content=rss2&utm_campaign=Feed https://twitter.com/cyb3rops/status/654004914411036676 http://t.co/HkXs75rGD9 
http://googleonlinesecurity.blogspot.com/2015/10/simplifying-page-security-icon-in-chrome.html https://twitter.com/cyb3rops/status/654004816692187136 http://t.co/40MkQUPQiT http://blog.malwarebytes.org/malvertising-2/2015/10/angler-exploit-kit-blasts-daily-mail-visitors-via-malvertising/ https://twitter.com/cyb3rops/status/654004109498945536 http://t.co/pm1N4OuUNE http://arstechnica.com/security/2015/10/how-soviets-used-ibm-selectric-keyloggers-to-spy-on-us-diplomats/ https://twitter.com/cyb3rops/status/653943509141975040 https://t.co/8rquh2kno4 https://securelist.com/analysis/publications/72356/i-am-hdroot-part-2/ https://twitter.com/cyb3rops/status/653730234336804864 https://t.co/Kx4gwu6ONP https://isc.sans.edu/diary.html?storyid=20241&rss https://twitter.com/cyb3rops/status/653725849477320704 https://t.co/BxcfQVd55J https://prism-break.org/en/subcategories/windows-disk-encryption/ https://twitter.com/cyb3rops/status/653666433650397184 https://t.co/oAgH0NJK1o https://twitter.com/WeakNetLabs/status/652678730175901696 https://twitter.com/cyb3rops/status/653644513932541953 https://t.co/tpbM9Ye42X https://www.damballa.com/corebot-and-darknet/ https://twitter.com/cyb3rops/status/653644153717309440 http://t.co/ZYdbaM3iDB http://seclist.us/reed-is-a-reverse-engineering-and-exploit-development-stuff.html https://twitter.com/cyb3rops/status/653583416433115136 https://t.co/HBOxkylK8y https://securelist.com/blog/research/72417/the-rise-of-net-and-powershell-malware/ https://twitter.com/cyb3rops/status/653583010336370688 http://t.co/l4eNxfnEli http://blog.csnc.ch/2015/10/aftermath-of-the-netgear-advisory-disclosure/ https://twitter.com/cyb3rops/status/653582574711779328 http://t.co/cBaq3OqYiG http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/PDB-Type-Theft/ba-p/6801065 https://twitter.com/cyb3rops/status/653442011039555584 http://t.co/XpoU8kf5Qh http://xinn.org/blog/JtR-AD-Password-Auditing.html https://twitter.com/cyb3rops/status/653333678114885633 
http://t.co/fwj4KGMTxT http://www.ghacks.net/2015/08/14/comparison-of-windows-10-privacy-tools/ https://twitter.com/cyb3rops/status/653292086251229184 https://t.co/IQR11Mc1mD https://www.youtube.com/watch?v=6XLPZSHkFjA&t=1m11s https://twitter.com/cyb3rops/status/653246536822878213 http://t.co/PWNCxsik9X http://seclist.us/updates-thc-hydra-ipv6-attack-toolkit-v-2-8-dev.html https://twitter.com/cyb3rops/status/653217174551556097 https://t.co/0Y84BxIUKk https://www.eff.org/deeplinks/2015/09/the-nsa-and-eff-agree https://twitter.com/cyb3rops/status/653100084582703105 https://t.co/AgnCX98dFb https://pentestbox.com https://twitter.com/cyb3rops/status/652987279691153408 http://t.co/neRvJOdZrk http://ceng.usc.edu/techreports/2015/Prasanna%20CENG-2015-05.pdf https://twitter.com/cyb3rops/status/652984493498875904 https://t.co/JtgF2BO2m7 https://github.com/Neo23x0/Loki/blob/master/signatures/apt_winnti.yar https://twitter.com/cyb3rops/status/652728306228330496 http://t.co/ocKfEw7izZ http://seclist.us/cpppyscan-quick-and-dirty-regex-scanner-for-dangerous-c-code.html https://twitter.com/cyb3rops/status/652661632959684608 https://twitter.com/cyb3rops/status/652625720271736832 https://t.co/b3OKStN6dL https://paragonie.com/blog/2015/10/coming-wordpress-4-4-csprng https://twitter.com/cyb3rops/status/652625584606961664 https://t.co/BL4DdLYz8n https://community.rapid7.com/community/metasploit/blog/2015/10/09/r7-2015-17-hp-sitescope-dns-tool-command-injection https://twitter.com/cyb3rops/status/652551104077565952 http://t.co/aGn8iUZA4V http://arstechnica.com/security/2015/10/apple-removes-several-apps-that-could-spy-on-encrypted-traffic/ https://twitter.com/cyb3rops/status/652522749223526400 http://t.co/90BvU3SrzK http://software.clapper.org/daemonize/ https://twitter.com/cyb3rops/status/652516117420703744 https://t.co/oVl9Ymr34q https://github.com/gleitz/howdoi https://twitter.com/cyb3rops/status/652494192371871744 http://t.co/1kAylTsRZK 
http://researchcenter.paloaltonetworks.com/2015/10/latest-teslacrypt-ransomware-borrows-code-from-carberp-trojan/ https://twitter.com/cyb3rops/status/652464412301758464 http://t.co/M6wlUnLjms http://www.darknet.org.uk/2015/10/twittor-backdoor-using-twitter-for-command-control/ https://twitter.com/cyb3rops/status/652464214481596417 http://t.co/1kAylTsRZK http://researchcenter.paloaltonetworks.com/2015/10/latest-teslacrypt-ransomware-borrows-code-from-carberp-trojan/ https://twitter.com/cyb3rops/status/652464170546302976 http://t.co/bApOKgqIYt http://resources.infosecinstitute.com/antivirus-evasion-tools/ https://twitter.com/cyb3rops/status/652354818179133440 http://t.co/wCaETchfVg http://www.shellcheck.net/ https://twitter.com/cyb3rops/status/652287079745908736 https://t.co/eJWSzdEbPw https://community.rapid7.com/community/metasploit/blog/2015/10/08/new-metasploit-tools-to-collect-microsoft-patches https://twitter.com/cyb3rops/status/652286820135235584 https://t.co/thnUvbYkJb https://community.rapid7.com/community/metasploit/blog/2015/10/08/metasploit-framework-tools-reorg https://twitter.com/cyb3rops/status/652281351945621504 http://t.co/YU5J6BZ89h http://blog.cylance.com/a-study-in-bots-diamondfox https://twitter.com/cyb3rops/status/652208280492609536 http://t.co/pEPJ0dbF1h http://arstechnica.com/security/2015/10/backdoor-infecting-cisco-vpns-steals-customers-network-passwords/ https://twitter.com/cyb3rops/status/652183379593535489 https://twitter.com/cyb3rops/status/652178504373501952 http://t.co/97ouFNzKVJ http://blogs.cisco.com/security/talos/vulnerability-spotlight-miniupnp https://twitter.com/cyb3rops/status/652134490475642882 https://twitter.com/cyb3rops/status/652104115351228416 https://twitter.com/cyb3rops/status/652100785996587009 https://t.co/buXrMnrGvw https://twitter.com/DanielX4v3r/status/652064445288566784 https://twitter.com/cyb3rops/status/652099869792821248 http://t.co/qNzCt20R8k http://www.net-security.org/secworld.php?id=18952 
https://twitter.com/cyb3rops/status/652099750703951872 http://t.co/JMhJGg2QMb http://arstechnica.com/security/2015/10/sha1-crypto-algorithm-securing-internet-could-break-by-years-end/ https://twitter.com/cyb3rops/status/652010593344352258 http://t.co/Yt2X120pk8 http://seclist.us/3viltwinattacker-v0-6-7-released-framework-for-rogue-wi-fi-access-point-attack.html https://twitter.com/cyb3rops/status/652010510259372032 http://t.co/0ag9QH8rVU http://seclist.us/mpc-memory-pointer-corruption-attack.html https://twitter.com/cyb3rops/status/651988583012679680 https://twitter.com/cyb3rops/status/651988079692025856 https://t.co/mxQiRBk2vC https://github.com/Neo23x0/Fenrir/blob/master/README.md https://twitter.com/cyb3rops/status/651916893746409472 https://twitter.com/cyb3rops/status/651904016847233024 https://t.co/3RGjgYZUHg https://hacked.com/cisco-talos-thwarts-massive-ransomware-campaign-netting-30m-annually/ https://twitter.com/cyb3rops/status/651786007155642370 https://twitter.com/cyb3rops/status/651785599951634432 https://t.co/nsZkgTBWmK https://gist.github.com/Neo23x0/e3d4e316d7441d9143c7 https://twitter.com/cyb3rops/status/651784891508527106 http://t.co/N9sKeoz7gu http://www.net-security.org/secworld.php?id=18946 https://twitter.com/cyb3rops/status/651784750684700672 http://t.co/C7gyWwN3tB http://seclist.us/python-script-for-brute-forcing-sshd.html https://twitter.com/cyb3rops/status/651784484279287808 http://t.co/pwfA4RaYji http://www.secureworks.com/cyber-threat-intelligence/threats/suspected-iran-based-hacker-group-creates-network-of-fake-linkedin-profiles/?view=Standard https://twitter.com/cyb3rops/status/651760936185782272 http://t.co/bQ9ORVLLWJ http://blog.ensilo.com/moker-a-new-apt-discovered-within-a-sensitive-network https://twitter.com/cyb3rops/status/651755504394305537 https://t.co/mcMxeiGOTj https://www.fireeye.com/blog/threat-research/2015/10/kemoge_another_mobi.html https://twitter.com/cyb3rops/status/651755052370018304 http://t.co/56y0Rky5Ye 
http://www.net-security.org/secworld.php?id=18944 https://twitter.com/cyb3rops/status/651528445076238336 https://t.co/q64p1ltjLi https://nakedsecurity.sophos.com/2015/10/06/google-issues-android-patches-for-stagefright-2-for-some-users/ https://twitter.com/cyb3rops/status/651528071795752960 http://t.co/HANFHWOwGn http://researchcenter.paloaltonetworks.com/2015/10/ticked-off-upatre-malwares-simple-anti-analysis-trick-to-defeat-sandboxes/ https://twitter.com/cyb3rops/status/651518190820810753 https://twitter.com/cyb3rops/status/651515907995365376 http://t.co/gmwKENFP4H http://www.kitploit.com/2015/10/zeronet-decentralized-websites-using.html https://twitter.com/cyb3rops/status/651504386338783232 https://t.co/MgNMyY0ugQ https://community.rapid7.com/community/metasploit/blog/2015/10/06/metasploit-framework-open-source-installers https://twitter.com/cyb3rops/status/651504321863946240 http://t.co/s27OgMZejv http://krebsonsecurity.com/2015/10/whats-in-a-boarding-pass-barcode-a-lot/ https://twitter.com/cyb3rops/status/651484640511922176 https://twitter.com/cyb3rops/status/651430334131650560 http://t.co/NEULRMc3aO http://seclist.us/priv-i-leged-privilege-escalation-toolkit.html https://twitter.com/cyb3rops/status/651430241957605376 http://t.co/IApeMCWSb3 http://arstechnica.com/security/2015/10/trump-hotels-payment-system-infected-with-malware/ https://twitter.com/cyb3rops/status/651402275143847936 http://t.co/nrPbaj69hu http://arstechnica.com/the-multiverse/2015/10/im-no-expert-but-holy-crap-the-hacking-on-homeland-was-bad/ https://twitter.com/cyb3rops/status/651399379379556352 https://twitter.com/cyb3rops/status/651397078782865408 https://twitter.com/cyb3rops/status/651391153816731648 http://t.co/ntLC2HixJD http://www.businessinsider.com/european-court-of-justice-safe-harbor-ruling-2015-10 https://twitter.com/cyb3rops/status/651191275010441216 https://t.co/1BYHRPUL0q https://theintercept.com/2015/07/14/communicating-secret-watched/ 
https://twitter.com/cyb3rops/status/651168560773881858 https://twitter.com/cyb3rops/status/651166533654196225 https://twitter.com/cyb3rops/status/651164877159972864 http://t.co/lnjZmtU0d1 http://blog.enbrite.ly/?p=345 https://twitter.com/cyb3rops/status/651164527254331392 https://t.co/khneiSoOJI https://github.com/nylas/N1/blob/master/README.md https://twitter.com/cyb3rops/status/651111940190793728 https://t.co/WodkZnS8gp https://twitter.com/theodorosc/status/651102085677719552 https://twitter.com/cyb3rops/status/651089776712396800 http://t.co/BE8w8eyRW8 http://www.darknet.org.uk/2015/10/lime-linux-memory-extractor/ https://twitter.com/cyb3rops/status/651059972323733504 http://t.co/sLaNeOxw0c http://www.net-security.org/secworld.php?id=18934 https://twitter.com/cyb3rops/status/651057846847602688 http://t.co/vNk3v659B5 http://seclist.us/xbackdoor-a-tool-for-the-persistent-xss-exploitation.html https://twitter.com/cyb3rops/status/651057738697453568 https://t.co/iKy0pOqBhp https://hacked.com/yispecter-malware-targets-ios-devices-100-apps-compromised/ https://twitter.com/cyb3rops/status/651045865604431872 https://t.co/DHrc22p9BQ https://www.youtube.com/watch?v=d_VS5yoSYmg https://twitter.com/cyb3rops/status/651043916410699776 https://t.co/xmCqtn27P5 https://github.com/remie/YouTransfer/ https://twitter.com/cyb3rops/status/651039527943843840 http://t.co/N33XtXqC5v http://resources.infosecinstitute.com/qark-a-tool-for-automated-android-app-assessments/ https://twitter.com/cyb3rops/status/650885525222486017 https://t.co/4GXyYTk1pr https://n0where.net/dns-analysis-tool-bluto/ https://twitter.com/cyb3rops/status/650848867143954433 http://t.co/5cWZodtunH http://researchcenter.paloaltonetworks.com/2015/10/yispecter-first-ios-malware-attacks-non-jailbroken-ios-devices-by-abusing-private-apis/ https://twitter.com/cyb3rops/status/650798623043678210 http://t.co/2bMT61e583 http://fee.org/anythingpeaceful/how-the-government-makes-data-hacks-a-thousand-times-worse/ 
https://twitter.com/cyb3rops/status/650783510827962369 https://t.co/olGNI6QwuQ https://cyberarms.wordpress.com/2015/10/04/anti-virus-bypass-with-shellter-5-1-on-kali-linux/ https://twitter.com/cyb3rops/status/650772668996710400 https://t.co/39mjXQVFWg https://github.com/gto76/comp-m2 https://twitter.com/cyb3rops/status/650695846925725696 http://t.co/m411QYt7v9 http://threatcrowd.blogspot.com/2015/10/new-feature-monitoring-infrastructure.html https://twitter.com/cyb3rops/status/650695694555090944 https://t.co/Ar99SFHhkz https://github.com/palantir/atlasdb https://twitter.com/cyb3rops/status/650695414635565056 https://t.co/Y9U28XgZjI https://github.com/codetainerapp/codetainer/blob/master/README.md https://twitter.com/cyb3rops/status/650540954835816449 http://t.co/qvCvT1WWMV http://seclist.us/mots-man-on-the-side-attack-experimental-packet-injection-and-detection.html https://twitter.com/cyb3rops/status/650512055909269504 http://t.co/eLV35lLSD8 http://arstechnica.com/information-technology/2015/09/microsoft-is-downloading-windows-10-to-pcs-even-if-you-dont-reserve-a-copy/ https://twitter.com/cyb3rops/status/650412910213070849 http://t.co/qoMKzBapQB http://www.kahusecurity.com/2015/cyber-exercise-tools/ https://twitter.com/cyb3rops/status/650340133925818368 https://t.co/CNLXzS9W3f https://github.com/m3ng9i/ran/blob/master/readme.md https://twitter.com/cyb3rops/status/650339546912067584 http://t.co/pVXxaE6sDF http://www.hackernewsleak.com/index.php/2015/10/03/user-data-from-hack-of-patreon-dumped-online/ https://twitter.com/cyb3rops/status/650311108931092480 http://t.co/dhuDZO6LmA http://blog.hackersonlineclub.com/2015/10/us-stock-market-company-scottrade.html https://twitter.com/cyb3rops/status/650310970300960768 http://t.co/mfFYy4Mdx9 http://seclist.us/autodane-v1-0-released-automatic-domain-admin-and-network-exploitation-toolkit.html https://twitter.com/cyb3rops/status/650174017979215872 https://t.co/Ds8x1wZjgz https://ssd.eff.org/en 
https://twitter.com/cyb3rops/status/650142489576239104 https://t.co/kBNENCxzlD https://prism-break.org/en/ https://twitter.com/cyb3rops/status/650128505712218112 http://t.co/Kihqa66UaP http://holisticinfosec.blogspot.com/2015/10/toolsmith-109-caploader-network-carving.html https://twitter.com/cyb3rops/status/650128293639794688 http://t.co/z3AQTOiTIU http://krebsonsecurity.com/2015/10/scottrade-breach-hits-4-6-million-customers/ https://twitter.com/cyb3rops/status/650128158503505920 https://t.co/fVzvSCdDTj https://www.youtube.com/watch?v=R7EEoWg6Ekk https://twitter.com/cyb3rops/status/650109649203687429 https://t.co/Z1nALBw9dr https://transfer.sh https://twitter.com/cyb3rops/status/650078706132627456 http://t.co/tI6SnjoI18 http://www.ntdsxtract.com/ https://twitter.com/cyb3rops/status/650056617795260416 https://t.co/WnTlVNcpK9 https://github.com/fcambus/logswan https://twitter.com/cyb3rops/status/650056132782755840 https://t.co/dgyuMcwzot https://www.virustotal.com/en/file/97bd6b84828153bbb086de3b27dab0f3a102f2683170bde5889b18d1205e5dc5/analysis/ https://twitter.com/cyb3rops/status/650053222770438144 https://t.co/kiRPmWFNjC https://code.google.com/p/hookme/ https://twitter.com/cyb3rops/status/650028824936120320 https://t.co/4ucWRquPq6 https://threatpost.com/dridex-banking-malware-back-in-circulation/114890/ https://twitter.com/cyb3rops/status/650028469800140800 http://t.co/ScvTravJIT http://seclist.us/cuckoo-sandbox-v-2-0-dev-released-is-an-automated-dynamic-malware-analysis-system.html https://twitter.com/cyb3rops/status/650026288657252352 https://twitter.com/cyb3rops/status/649976160114180096 http://t.co/14HKlKkXKi http://blog.malwarebytes.org/online-security/2015/10/this-pdf-version-is-not-supported-data-uri-phish/ https://twitter.com/cyb3rops/status/649974945573793793 https://t.co/Px0KtMdHIo https://hacked.com/linux-wifatch-vigilante-hacker-infects-routers-malware-fight-bad-malware/ https://twitter.com/cyb3rops/status/649974840431001600 https://t.co/EsHfqZGo6N 
https://www.cryptocoinsnews.com/bitcoin-attack-coinkite-reports-malleability-attack-urges-caution/ https://twitter.com/cyb3rops/status/649972242059763712 https://t.co/YR2FrLs8vG https://twitter.com/crowdshield/status/649957614407819264 https://twitter.com/cyb3rops/status/649965958321168384 https://twitter.com/cyb3rops/status/649962352415109120 http://t.co/D9WWGTHY9G http://sourcefoundry.org/hack/ https://twitter.com/cyb3rops/status/649719240946135040 http://t.co/lMyzYKjDZn http://arstechnica.com/security/2015/10/highly-personal-data-for-15-million-t-mobile-applicants-stolen-by-hackers/ https://twitter.com/cyb3rops/status/649718976679837696 http://t.co/gLPqlYJsT0 https://t.co/khaWmzWIXy http://Google.com https://www.linkedin.com/pulse/i-purchased-domain-googlecom-via-google-domains-sanmay-ved?redirectFromSplash=true https://twitter.com/cyb3rops/status/649713267892314112 https://t.co/EPNRZntGtg https://github.com/Neo23x0/Loki/blob/master/signatures/apt_indetectables_rat.yar https://twitter.com/cyb3rops/status/649695326173970432 https://t.co/PbfKaPbl7a http://www.logswan.org/ https://twitter.com/cyb3rops/status/649693710888800256 https://t.co/sWBdDi1LJ1 http://arstechnica.com/security/2015/10/patreon-some-user-names-e-mail-and-mailing-addresses-stolen/ https://twitter.com/cyb3rops/status/649693628055449605 https://t.co/f2DwU5aUKe http://researchcenter.paloaltonetworks.com/2015/10/dridex-is-back-and-targeting-the-uk/ https://twitter.com/cyb3rops/status/649693598598893568 https://t.co/pIcuFTW5PB http://crfasrnn.torr.vision/ https://twitter.com/cyb3rops/status/649663636265414656 https://twitter.com/cyb3rops/status/649629036969349121 https://t.co/LwSl7E3qMM https://twitter.com/7Elements/status/649595974701219840 https://twitter.com/cyb3rops/status/649620648025702401 https://t.co/uKPJb2kPND https://www.7elements.co.uk/resources/blog/cve-2015-2342-remote-code-execution-within-vmware-vcenter/ https://twitter.com/cyb3rops/status/649556029798125568 https://t.co/MpkeRXddSA 
https://twitter.com/xoreaxeaxeax/status/649512596576448512 https://twitter.com/cyb3rops/status/649554892470640640 http://t.co/nDiMIXbFA5 http://seclist.us/pasv-agrsv-passive-recon-osint-automation-script.html https://twitter.com/cyb3rops/status/649417447825498112 http://t.co/lzfMPIkAL8 http://blog.trendmicro.com/trendlabs-security-intelligence/3000-high-profile-japanese-sites-hit-by-massive-malvertising-campaign/ https://twitter.com/cyb3rops/status/649391145743552512 http://t.co/gO3lEGL0f6 http://binwalk.org/3d-data-visualizations/ https://twitter.com/cyb3rops/status/649389104254205952 http://t.co/icguw2TTCL http://blog.syhunt.com/2015/08/syhunt-community-edition-released.html?m=1 https://twitter.com/cyb3rops/status/649388557249875968 http://t.co/lHn56IkJbX http://rojak.de/le/forpix_en.php https://twitter.com/cyb3rops/status/649385200204451840 https://t.co/N5Zl9jT5rg https://github.com/katjahahn/PortEx https://twitter.com/cyb3rops/status/649349641700438016 http://t.co/UMCKvDRVLQ http://arstechnica.com/security/2015/09/nerves-rattled-by-highly-suspicious-windows-update-delivered-worldwide/ https://twitter.com/cyb3rops/status/649348838554079232 https://t.co/dWt0xtg1DJ https://n0where.net/deep-look-into-a-chinese-advanced-attack/ https://twitter.com/cyb3rops/status/649255941532053505 http://t.co/Y0VSFLAapl http://arstechnica.com/tech-policy/2015/09/cia-officers-pulled-from-china-because-of-opm-breach/ https://twitter.com/cyb3rops/status/649210168157208576 http://t.co/AmP6Inz2y0 http://seclist.us/script-used-to-generate-and-encode-a-powershell-based-metasploit-payloads.html https://twitter.com/cyb3rops/status/649208876877766656 http://t.co/lKFGTAff5t http://resources.infosecinstitute.com/beta-bot-analysis-part-1/ https://twitter.com/cyb3rops/status/649131584201756676 http://t.co/QSsebqZ2wW http://seclist.us/brutexor-xor-bruteforce-based-on-another-file-of-the-same-type.html https://twitter.com/cyb3rops/status/649012984346341376 https://t.co/Ut7kBFAtPa 
https://isc.sans.edu/diary.html?storyid=20195&rss https://twitter.com/cyb3rops/status/649011694438477824 http://t.co/pUWs5pm8Rc http://seclist.us/bunitu_tests-scripts-for-communication-with-bunitu-trojan-ccs.html https://twitter.com/cyb3rops/status/649011043918712832 http://t.co/jROQr9Emro http://youtu.be/cOubCHLXT6A https://twitter.com/cyb3rops/status/649009250820186116 http://t.co/RDDB9rXPTF http://backfeed.cc/ https://twitter.com/cyb3rops/status/648961373628567553 https://twitter.com/cyb3rops/status/648960101538131968 https://t.co/rkkRlIR3Jq https://hacked.com/edward-snowden-joins-twitter-follows-nsa/ https://twitter.com/cyb3rops/status/648959907513790466 http://t.co/6Ru6vwU4GG http://researchcenter.paloaltonetworks.com/2015/09/updated-pclock-ransomware-still-comes-up-short/ https://twitter.com/cyb3rops/status/648959875909746688 http://t.co/jp46ZfEokh http://www.isightpartners.com/2015/09/watering-holes-and-malvertising-uncovering-the-root-cause-of-compromise-part-2/ https://twitter.com/cyb3rops/status/648885728252792832 https://t.co/sM2cjMXZ1i https://github.com/bmatzelle/gow/wiki https://twitter.com/cyb3rops/status/648882544939655168 http://t.co/xhqWaXhyv2 http://seclist.us/creak-v0-0-2-poison-reset-spoof-redirect-mitm-script.html https://twitter.com/cyb3rops/status/648882469601587201 http://t.co/XdprLry0h0 http://www.harmj0y.net/blog/powershell/invoke-bypassuac/ https://twitter.com/cyb3rops/status/648673122468540417 http://t.co/UgkIxw8b4a http://wp-cli.org/ https://twitter.com/cyb3rops/status/648671675228164096 https://t.co/FEV3v6mgNa https://github.com/marcusbuffett/command-line-chess/blob/master/README.md https://twitter.com/cyb3rops/status/648663408330452992 http://t.co/9L0vJRMfPY http://www.bbc.com/news/technology-34379254 https://twitter.com/cyb3rops/status/648645408969891841 http://t.co/7GGgAYtKfD http://researchcenter.paloaltonetworks.com/2015/09/network-ips-tuning-guide/ https://twitter.com/cyb3rops/status/648644905871507457 http://t.co/xC472ilxdS 
http://www.fireeye.com/blog/threat-research/2015/09/malvertising_attack.html https://twitter.com/cyb3rops/status/648573555181944832 http://t.co/xwD2eSmS91 http://www.darknet.org.uk/2015/09/fsflow-a-social-engineering-call-flow-application/ https://twitter.com/cyb3rops/status/648573506242764800 http://t.co/qPooO9syii http://blog.malwarebytes.org/malvertising-2/2015/09/pornhub-youporn-latest-victims-of-adult-malvertising-campaign/ https://twitter.com/cyb3rops/status/648543938429644800 http://t.co/edUvcmrMe9 http://seclists.org/fulldisclosure/2015/Sep/106 https://twitter.com/cyb3rops/status/648543641368039425 https://t.co/VZ18pylgRl https://www.bigendiansmalls.com/mainframe-security-derbycon-slides-and-video/ https://twitter.com/cyb3rops/status/648517954078769152 https://t.co/FOPXn30nD3 https://securityintelligence.com/shifu-officially-spreads-to-the-uk-banks-and-wealth-management-firms-beware/ https://twitter.com/cyb3rops/status/648504170719264770 http://t.co/uMiletPMLA http://securityaffairs.co/wordpress/40537/hacking/gcat-backdoor-gmail.html https://twitter.com/cyb3rops/status/648498600754843649 https://t.co/87IDqSgX8s https://securityintelligence.com/hammertoss-what-me-worry/ https://twitter.com/cyb3rops/status/648481254581469184 http://t.co/OhBoNVIl36 http://blog.trendmicro.com/trendlabs-security-intelligence/two-new-pos-malware-affecting-us-smbs/ https://twitter.com/cyb3rops/status/648480983876956160 https://t.co/4k07OA1n8U https://securelist.com/blog/research/72283/gaza-cybergang-wheres-your-ir-team/ https://twitter.com/cyb3rops/status/648480334883913728 http://t.co/BEKODj7Mxe http://resources.infosecinstitute.com/andromeda-bot-analysis-part-two/ https://twitter.com/cyb3rops/status/648353042132135936 http://t.co/A4NxDeGurX http://www.ehacking.net/2015/09/top-10-hacking-tools-of-2015.html https://twitter.com/cyb3rops/status/648311866771410944 http://t.co/4uzXAOEeSZ 
http://mobile.nytimes.com/2015/07/07/world/middleeast/nuclear-inspectors-await-chance-to-use-modern-tools-in-iran.html?referrer=&_r=0 https://twitter.com/cyb3rops/status/648310760590872576 http://t.co/50YaWzcwXM http://www.wsj.com/articles/spy-virus-linked-to-israel-targeted-hotels-used-for-iran-nuclear-talks-1433937601 https://twitter.com/cyb3rops/status/648305547138076672 http://t.co/eeK6Lq9J4n http://www.redblue.team/2015/09/using-modern-honey-network-to-detect.html https://twitter.com/cyb3rops/status/648301386149433344 https://t.co/ZhMDsTL3B1 https://github.com/ALSchwalm/foresight https://twitter.com/cyb3rops/status/648300563575128064 http://t.co/NnogJ9IyJV http://seclist.us/nettools-v-0-2-0-released-tools-to-perform-different-lan-attacks-and-other-net-actions.html https://twitter.com/cyb3rops/status/648220818049073152 http://t.co/Bgq88FPmcI http://seclist.us/harness-v-1-0-released-interactive-remote-powershell-payload.html https://twitter.com/cyb3rops/status/648188136640630784 https://t.co/WWdKq31LDG https://chrome.google.com/webstore/search/ublock?hl=en-US https://twitter.com/cyb3rops/status/648157761180581888 http://t.co/gDvAQ2rvs4 http://seclist.us/badger-v2-1-released-the-swiss-army-knife-for-windows-exploit-development.html https://twitter.com/cyb3rops/status/648153131482648576 https://t.co/CEpDSIyvsr https://github.com/m57/dnsteal/blob/master/README.md https://twitter.com/cyb3rops/status/647955809519841280 http://t.co/fiPWDlIDa6 http://www.producthunt.com/r/c7b7f51e99a676/34740?app_id=1 https://twitter.com/cyb3rops/status/647949889033244674 http://t.co/Q8eItQQZVX http://thehackernews.com/2015/09/chip-mini-computer.html?m=1 https://twitter.com/cyb3rops/status/647929972565262336 https://t.co/oaUuYovKmA https://keybase.io/blog/keybase-new-key-model https://twitter.com/cyb3rops/status/647917409001586689 http://t.co/Yvv9fQKJmw http://dea.gov.ge/uploads/CERT%20DOCS/Cyber%20Espionage.pdf https://twitter.com/cyb3rops/status/647821196206018560 
https://t.co/QxsBGUhUdr https://secupwn.github.io/Android-IMSI-Catcher-Detector/ https://twitter.com/cyb3rops/status/647754092903706624 https://t.co/bq7VYTMcmU https://github.com/SumoLogic/sumoshell https://twitter.com/cyb3rops/status/647610770532925441 https://t.co/mDpbGS625f https://github.com/Neo23x0/prisma https://twitter.com/cyb3rops/status/647538279177261056 https://t.co/1vXpvKeo4A https://adsecurity.org/?p=1729 https://twitter.com/cyb3rops/status/647537985672450048 https://t.co/Pyfwy98HlN https://adsecurity.org/?p=1906 https://twitter.com/cyb3rops/status/647481180242075648 https://t.co/aboaTzVB5z https://github.com/delight-im/FreeGeoDB https://twitter.com/cyb3rops/status/647480884753395712 http://t.co/Tm30baMf2r http://seclist.us/scapyarpspoof-is-a-simple-effective-and-useful-arp-spoofer-script-with-scapy.html https://twitter.com/cyb3rops/status/647450744786825216 http://t.co/3JoXpgTztK http://www.openwall.com/lists/oss-security/2015/09/22/7 https://twitter.com/cyb3rops/status/647450297413951488 https://t.co/E8TdiRbKO3 https://theintercept.com/2015/09/25/gchq-radio-porn-spies-track-web-users-online-identities/ https://twitter.com/cyb3rops/status/647449952054939649 http://t.co/CGSxXGnw4f http://seclist.us/qark-tool-to-look-for-several-security-related-android-application-vulnerabilities.html https://twitter.com/cyb3rops/status/647449795280412672 http://t.co/FvIxQ6CfdV http://research.zscaler.com/2015/09/compromised-wordpress-campaign-spyware.html?m=1 https://twitter.com/cyb3rops/status/647426488279658496 https://t.co/mDpbGROrdH https://t.co/uAr9w1UIHv https://github.com/Neo23x0/prisma https://github.com/garabik/grc https://twitter.com/cyb3rops/status/647402550950363136 https://t.co/ZugVxE8iXc https://github.com/yahoo/gryffin/blob/master/README.md https://twitter.com/cyb3rops/status/647400823039725568 http://t.co/cZoxkfkEti http://nakedsecurity.sophos.com/2015/09/25/microsoft-word-intruder-gets-down-to-business-operation-pony-express/ 
https://twitter.com/cyb3rops/status/647270702383370240 http://t.co/oCfJwPkMRo http://sheetsu.com/?ref=producthunt https://twitter.com/cyb3rops/status/647262877825368064 http://t.co/1SPKkf52Cd http://arstechnica.com/tech-policy/2015/09/obama-administration-explored-backdoors-for-bypassing-smartphone-crypto/ https://twitter.com/cyb3rops/status/647262766416289792 http://t.co/N0utTMpjS6 http://seclist.us/uproot-a-host-based-intrusion-detection-system-hids-for-leveraging-wmi-permanent-event-subscriptions.html https://twitter.com/cyb3rops/status/647262117557440512 http://t.co/WgbpXuhpTm http://blog.trendmicro.com/trendlabs-security-intelligence/credit-card-scraping-kasidet-builder-leads-to-spike-in-detections/ https://twitter.com/cyb3rops/status/647257617677479937 http://t.co/KkWSd3e68A http://pastebin.com/i2zvQENr https://twitter.com/cyb3rops/status/647162688469123072 https://t.co/o3lhLUizp3 https://www.glasswire.com/features/ https://twitter.com/cyb3rops/status/647148669737701376 https://t.co/33dbSWTCi6 https://packagecontrol.io/packages/Yara%20Rule%20Syntax https://twitter.com/cyb3rops/status/647146810813755392 https://t.co/Q9mCq1B0to http://t.co/z95A4k8DT5 https://github.com/Neo23x0/Loki/blob/master/signatures/apt_unit78020_malware.yar http://threatconnect.com/camerashy/?utm_campaign=CameraShy https://twitter.com/cyb3rops/status/647074055732924416 http://t.co/TOzj7nl6qa http://www.isightpartners.com/2015/09/watering-holes-and-malvertising-uncovering-the-root-cause-of-compromise-part-1/ https://twitter.com/cyb3rops/status/647064742134050818 https://t.co/ogawtWUAsJ https://twitter.com/binitamshah/status/647057389347143680 https://twitter.com/cyb3rops/status/647017077719437312 https://t.co/bCU9VTjFFS https://twitter.com/netbiosX/status/646991761865375744 https://twitter.com/cyb3rops/status/647016026882854912 https://t.co/mHzNVfrNWC https://blog.rootshell.be/2015/09/24/tracking-administrator-sessions-in-windows-environments/ 
https://twitter.com/cyb3rops/status/647015379479334912 https://t.co/bn0qKCT9G3 https://github.com/enaqx/awesome-pentest/blob/master/README.md https://twitter.com/cyb3rops/status/647014683887534080 http://t.co/PiV9pZ3M7V http://wroot.org/posts/babadook-connection-less-powershell-persistent-and-resilient-backdoor/ https://twitter.com/cyb3rops/status/646861052001435648 https://t.co/J4oiyoRqol https://github.com/aplura/Tango/blob/master/README.md https://twitter.com/cyb3rops/status/646846070551482368 http://t.co/uHtt58PO4s http://researchcenter.paloaltonetworks.com/2015/09/chinese-actors-use-3102-malware-in-attacks-on-us-government-and-eu-media/ https://twitter.com/cyb3rops/status/646730803863392256 http://t.co/M7Con4QrWc http://blogs.cisco.com/security/talos/synful-scanner https://twitter.com/cyb3rops/status/646729341250891776 http://t.co/pdHtqgkMe9 http://krebsonsecurity.com/2015/09/bidding-for-breaches-redefining-targeted-attacks/ https://twitter.com/cyb3rops/status/646726648386072576 http://t.co/Bek7Abodnd http://youtu.be/qDvfQ5gZ-Jw https://twitter.com/cyb3rops/status/646673332436230144 https://t.co/t71fhN0ocq https://t.co/EWKLn7oXcy https://reason.com/archives/2015/04/09/the-net-neutrality-riddle https://reason.com/archives/2015/04/18/how-to-break-the-internet https://twitter.com/cyb3rops/status/646668624531357696 https://twitter.com/cyb3rops/status/646666780606271489 https://twitter.com/cyb3rops/status/646665261051830272 https://t.co/9zOK4lfKTt https://t.co/VysSeQ1NS8 https://www.bsk-consulting.de/2014/10/04/smart-dll-execution-malware-analysis-sandbox-systems/ https://twitter.com/Cyb3rOps/status/646663914567012354 https://twitter.com/cyb3rops/status/646663914567012354 https://t.co/dLZXgsbs7n https://github.com/edix/LoadDll/blob/master/README.md https://twitter.com/cyb3rops/status/646660613322633216 http://t.co/PVSaYCaGuP http://seclist.us/mac4n6-collection-of-forensics-artifacs-location-for-mac-os-x-and-ios.html 
https://twitter.com/cyb3rops/status/646660369872613376 https://t.co/SOSRKNts1z https://github.com/google/zopfli https://twitter.com/cyb3rops/status/646659551282860032 http://t.co/zKEnhPJThz http://seclist.us/sqlmap-v1-0-dev-aa088aa-released-automatic-sql-injection-and-database-takeover-tool.html https://twitter.com/cyb3rops/status/646659392075526144 https://t.co/hhUJoWpxH2 https://nakedsecurity.sophos.com/2015/09/23/tech-alliance-defeats-us-bill-requiring-them-to-report-terrorist-activity/ https://twitter.com/cyb3rops/status/646458274586357760 https://t.co/qQMUxyxYEb https://github.com/threatstream/mhn/blob/master/README.md https://twitter.com/cyb3rops/status/646435953574199296 https://twitter.com/cyb3rops/status/646433428510904320 https://t.co/vfdIHDWB7e https://synfulscan.shadowserver.org/ https://twitter.com/cyb3rops/status/646407157319995392 http://t.co/vzYTXSiIDR http://t.co/LT9EU7hNA8 http://Realtor.com http://blog.malwarebytes.org/malvertising-2/2015/09/malvertising-attack-hits-realtor-com-visitors/ https://twitter.com/cyb3rops/status/646406732009238528 http://t.co/uzlrE1gGtC http://seclists.org/fulldisclosure/2015/Sep/80 https://twitter.com/cyb3rops/status/646400099015241728 http://t.co/ugzZnKVOcN http://googleprojectzero.blogspot.com/2015/09/kaspersky-mo-unpackers-mo-problems.html?m=1 https://twitter.com/cyb3rops/status/646398976900640768 https://t.co/dnCvmMzgb3 https://github.com/lukasschwab/stackit/blob/master/README.md https://twitter.com/cyb3rops/status/646358811112898560 https://t.co/ykl5O0l9kb https://github.com/google/brotli/blob/master/README.md https://twitter.com/cyb3rops/status/646295821936234496 https://t.co/0TzWEw07DN https://github.com/Netflix/lemur/blob/master/README.rst https://twitter.com/cyb3rops/status/646293959539494912 https://t.co/CwrLosIJgc https://asert.arbornetworks.com/peeking-at-pkybot/ https://twitter.com/cyb3rops/status/646293824180875264 https://t.co/cHJpwtQFxI https://github.com/n1nj4sec/pupy/blob/master/README.md 
https://twitter.com/cyb3rops/status/646114978097790976 https://t.co/15AIK7fgXT https://theintercept.com/2015/03/10/ispy-cia-campaign-steal-apples-secrets/ https://twitter.com/cyb3rops/status/646105462698409985 http://t.co/Osvyw9lazb http://blog.gdssecurity.com/labs/2015/9/21/fuzzing-the-mbed-tls-library.html https://twitter.com/cyb3rops/status/646105171303358464 http://t.co/zX9pu9oVU7 http://seclist.us/robotsdisallowed-a-harvest-of-the-disallowed-directories-from-the-robots-txt-files-of-the-worlds-top-websites.html https://twitter.com/cyb3rops/status/646105171257262080 http://t.co/DMndOnFWmT http://researchcenter.paloaltonetworks.com/2015/09/more-details-on-the-xcodeghost-malware-and-affected-ios-apps/ https://twitter.com/cyb3rops/status/646104814506545152 http://t.co/feoypEpZmn http://seclist.us/powercat-a-powershell-version-of-netcat.html https://twitter.com/cyb3rops/status/646029371501776896 http://t.co/jnp10jqKal http://canarytokens.org/generate https://twitter.com/cyb3rops/status/646027266195980288 https://t.co/FLfEfjAhWF https://github.com/cantino/huginn/blob/master/README.md https://twitter.com/cyb3rops/status/646025780678426625 http://t.co/vQpIgOCmz1 http://cmd.to/ https://twitter.com/cyb3rops/status/645996062302322688 http://t.co/shfqRSg6ny http://blog.checkpoint.com/2015/09/21/braintest-a-new-level-of-sophistication-in-mobile-malware/ https://twitter.com/cyb3rops/status/645937885758230528 http://t.co/PTiyEYTIUG http://m.imgur.com/a/LpTN7 https://twitter.com/cyb3rops/status/645853155079680000 http://t.co/FBgRIcU6z1 http://az4n6.blogspot.com/2015/09/whos-your-master-mft-parsers-reviewed.html https://twitter.com/cyb3rops/status/645675526364004353 https://t.co/GgsosxA96g https://github.com/anmoljagetia/Flatabulous/blob/master/README.md https://twitter.com/cyb3rops/status/645674962469191680 https://t.co/6MtCxlgMNu https://github.com/elceef/dnstwist/blob/master/README.md https://twitter.com/cyb3rops/status/645673962375151616 http://t.co/TjwB7wlbwJ 
http://seclist.us/commix-v-0-2b-released-automatic-all-in-one-os-command-injection-and-exploitation-tool.html https://twitter.com/cyb3rops/status/645364864219803648 http://t.co/VuZMFg4Ku7 http://seclist.us/updates-ftpmap-v-0-15-ftp-scanner-and-take-over-tool-in-c.html https://twitter.com/cyb3rops/status/645293058016301056 https://t.co/0J7lvXp3KF https://www.owasp.org/images/c/c1/JMX_-_Java_Management_Extensions_-_Hans-Martin_Muench.pdf https://twitter.com/cyb3rops/status/645256257281069056 https://t.co/AJu6zKp0HM https://adsecurity.org/?p=1772 https://twitter.com/cyb3rops/status/645246801763823616 https://t.co/QiAP1bJWX6 https://paulbernal.wordpress.com/2012/07/02/annoyed-by-those-cookie-warnings/ https://twitter.com/cyb3rops/status/645192559007023104 https://t.co/UDZiyLYKlq https://isc.sans.edu/diary/Don%27t+launch+that+file+Adobe+Reader%21/20163 https://twitter.com/cyb3rops/status/645145971794558977 http://t.co/83JzdSKPeC http://www.fireeye.com/blog/threat-research/2015/08/ins0mnia_unlimited.html https://twitter.com/cyb3rops/status/644979887636369408 http://t.co/mrG4w5nU12 http://www.darknet.org.uk/2015/09/weevely-3-weaponized-php-web-shell/ https://twitter.com/cyb3rops/status/644909603881398272 https://twitter.com/cyb3rops/status/644903556785532929 https://twitter.com/cyb3rops/status/644899935041810433 http://t.co/EooTvdxIRi http://www.net-security.org/secworld.php?id=18869 https://twitter.com/cyb3rops/status/644899192352153600 http://t.co/UUZVdo0AMT http://www.welivesecurity.com/2015/09/18/evolution-ransomware-pc-cyborg-service-sale/ https://twitter.com/cyb3rops/status/644824921617625088 http://t.co/9fhpaKk3DB http://www.fireeye.com/blog/threat-research/2015/09/synful_knock_-_acis0.html https://twitter.com/cyb3rops/status/644824886825893888 http://t.co/2kxFBmzR3k http://www.fireeye.com/blog/threat-research/2015/09/synful_knock_-_acis.html https://twitter.com/cyb3rops/status/644772294695473152 https://t.co/MpPy7c9Aan https://pyd.io/ 
https://twitter.com/cyb3rops/status/644768484942053376 http://t.co/w3XqyjkkUX http://www.redblue.team/2015/09/triaging-powershell-exploitation-with.html?m=1 https://twitter.com/cyb3rops/status/644634550828703744 http://t.co/1JffUNPL41 http://seclist.us/nodejs-https-login-form-bruteforcer.html https://twitter.com/cyb3rops/status/644603486533996546 http://t.co/eLNwGgqUCO http://williammahler.github.io/Capstone.js-bookmarklet/ https://twitter.com/cyb3rops/status/644596570495782912 https://t.co/I6UclN7VXr https://t.co/f8Bxyq1qW7 https://github.com/Neo23x0/Loki/blob/master/signatures/apt_irontiger_trendmicro.yar https://github.com/Neo23x0/Loki/blob/master/signatures/apt_irontiger.yar https://twitter.com/cyb3rops/status/644544220171255812 https://twitter.com/cyb3rops/status/644542742425681920 http://t.co/xqVW7hZyn9 http://arstechnica.com/tech-policy/2015/09/china-tells-us-tech-companies-to-sign-prism-like-cyber-loyalty-pact/ https://twitter.com/cyb3rops/status/644542469338734592 https://t.co/BmKUJ1UxZS https://reaqta.com/2015/09/poweliks-file-less-malware-keeps-evolving/ https://twitter.com/cyb3rops/status/644438331779100676 http://t.co/w7No5DlYDp http://seclist.us/arp-mitm-captive-portal.html https://twitter.com/cyb3rops/status/644401929418874880 http://t.co/IQ0qzPjfv4 http://digital-forensics.sans.org/blog/2015/09/16/timeline-analysis-with-apache-spark-and-python https://twitter.com/cyb3rops/status/644400820528783360 http://t.co/UTdVdWrEzR http://seclist.us/subterfuge-v1-0-1-superfish-automated-man-in-the-middle-attack-framework.html https://twitter.com/cyb3rops/status/644400680950743040 https://t.co/s1F9MhOSV3 https://securelist.com/blog/research/72187/coinvault-are-we-reaching-the-end-of-the-nightmare/ https://twitter.com/cyb3rops/status/644400514696937472 http://t.co/WV356zegQf http://arstechnica.com/security/2015/09/seven-years-of-malware-linked-to-russian-state-backed-cyberespionage/ https://twitter.com/cyb3rops/status/644268233193881600 http://t.co/XDZZeckuvG 
http://seclist.us/updates-windows-exploit-suggester-revision-v-2-9-2015-09-16.html https://twitter.com/cyb3rops/status/644241412708507648 https://t.co/0jgtGKyGJ0 https://adsecurity.org/?p=1760 https://twitter.com/cyb3rops/status/644171284604153856 http://t.co/SdSC1hqVNI http://arstechnica.com/security/2015/09/malicious-cisco-router-backdoor-found-on-79-more-devices-25-in-the-us/ https://twitter.com/cyb3rops/status/644167189029879808 http://t.co/LsYjhlMxy4 http://blog.trendmicro.com/trendlabs-security-intelligence/operation-iron-tiger-how-china-based-actors-shifted-attacks-from-apac-to-us-targets/ https://twitter.com/cyb3rops/status/644163782248411136 http://t.co/d1LqRJfbsh http://blog.malwarebytes.org/online-security/2015/09/dns-hijacks-what-to-look-for/ https://twitter.com/cyb3rops/status/644163601188671488 http://t.co/bZl718pZXZ http://www.isightpartners.com/2015/09/teslacrypt-2-0-cyber-crime-malware-behavior-capabilities-and-communications/ https://twitter.com/cyb3rops/status/644121970133614592 http://t.co/OJeWGiVhv4 http://www.net-security.org/secworld.php?id=18860 https://twitter.com/cyb3rops/status/644039983448371200 https://t.co/iN43zb9HAQ https://adsecurity.org/?p=1790 https://twitter.com/cyb3rops/status/643864475368558592 https://t.co/Fvet77OBUu https://twitter.com/mattifestation/status/643817965620588544 https://twitter.com/cyb3rops/status/643862452510269441 http://t.co/PjNvu6j8RO http://seclist.us/ridenum-v-1-5-4-is-a-null-session-rid-cycle-attack-for-brute-forcing-domain-controllers.html https://twitter.com/cyb3rops/status/643834583352520706 http://t.co/GoT5CxyfzG http://blogs.cisco.com/security/talos/infinity-toolkit https://twitter.com/cyb3rops/status/643766769971253249 https://t.co/91TpP9Bayp https://twitter.com/dellsecureworks/status/643758414095646720 https://twitter.com/cyb3rops/status/643735060676509696 http://t.co/kWY6OOmOLa http://www.forensicfocus.com/News/article/sid=2493/ https://twitter.com/cyb3rops/status/643660156983713792 
http://t.co/79gB55vNfW http://m.winsupersite.com/windows-10/how-stop-windows-10-upgrade-downloading-your-system https://twitter.com/cyb3rops/status/643657853656502272 http://t.co/sWQVSpxqgr http://seclist.us/android-vts-android-vulnerability-test-suite.html https://twitter.com/cyb3rops/status/643657515486547968 http://t.co/BF627FKm2k http://www.reddit.com/r/Malware/comments/3kzlux/wordmacro_encryptionobfuscation_code/ https://twitter.com/cyb3rops/status/643558261254418433 http://t.co/JUMdw8qjXY http://www.darknet.org.uk/2015/09/backbox-linux-penetration-testing-livecd/ https://twitter.com/cyb3rops/status/643529560173215745 https://t.co/rCmCmXIREg https://hacked.com/u-s-department-energy-successfully-hacked-159-times-4-years/ https://twitter.com/cyb3rops/status/643507010567319553 http://t.co/TMEoJpCFy1 http://seclist.us/penetrator-beta-v1-released-retrieve-wpawpa2-passphrase-from-a-wps-enabled-ap.html https://twitter.com/cyb3rops/status/643505745019932672 http://t.co/9wL8LR1n4A http://blog.trendmicro.com/trendlabs-security-intelligence/targeted-attacks-versus-apts-whats-the-difference/ https://twitter.com/cyb3rops/status/643505569375125504 https://t.co/5hK0Qknr5J https://community.rapid7.com/community/infosec/blog/2015/09/14/microsoft-attack-surface-analyzer-asa-its-for-defenders-too https://twitter.com/cyb3rops/status/643504873523294209 http://t.co/JqLIhmpYrU http://www.volexity.com/blog/?p=158 https://twitter.com/cyb3rops/status/643502802937991172 https://t.co/dDETwQKWvc https://github.com/Neo23x0/yarAnalyzer https://twitter.com/cyb3rops/status/643450483995209728 http://t.co/8pOjJW9XVi http://arstechnica.com/information-technology/2015/09/invizbox-go-aims-to-make-mobile-privacy-painless-over-any-wi-fi/ https://twitter.com/cyb3rops/status/643447467460182016 https://t.co/nUYIZ4CV5A https://github.com/htty/htty https://twitter.com/cyb3rops/status/643446839149232128 https://t.co/QGDnEEQWPz 
https://securelist.com/analysis/publications/72087/the-shade-encryptor-a-double-threat/ https://twitter.com/cyb3rops/status/643389629471793153 https://t.co/RJPo0kUl8B https://github.com/PaulSec/twittor https://twitter.com/cyb3rops/status/643375793582788608 https://t.co/Qphz2tiQw2 https://labsblog.f-secure.com/2015/09/08/sofacy-recycles-carberp-and-metasploit-code/ https://twitter.com/cyb3rops/status/643164590000500736 http://t.co/X7thFKscmp http://seclist.us/ctf-scripts-a-collection-of-short-scripts-for-analysis-encryption-and-forensics.html https://twitter.com/cyb3rops/status/643139810505424896 https://t.co/cK6OFPGxyt https://twitter.com/theodorosc/status/643124553523286016 https://twitter.com/cyb3rops/status/643077258761080832 http://t.co/1yUOVWkmt8 http://forensicmethods.com/prefetchdevices https://twitter.com/cyb3rops/status/643076748024913920 http://t.co/kler2AvKyL http://www.malwaretech.com/2015/09/hidden-vnc-for-beginners.html https://twitter.com/cyb3rops/status/642795668579438592 http://t.co/s1605ZCfnt http://booknsharemedia.com/index.php/2015/09/12/serious-flaw-discovered-in-the-os-used-by-over-a-billion-devices/ https://twitter.com/cyb3rops/status/642795117380808705 http://t.co/Pum8ZKhK5y http://seclist.us/updates-gcat-a-fully-featured-backdoor-that-uses-gmail-as-a-cc-server.html https://twitter.com/cyb3rops/status/642656210500648960 https://t.co/dnnpl2LgFj https://www.ernw.de/download/ERNW_Newsletter_51_Playing_With_Fire_signed.pdf https://twitter.com/cyb3rops/status/642655421346500608 http://t.co/O38L2Vu3SG http://www.darknet.org.uk/2015/09/aide-advanced-intrusion-detection-environment/ https://twitter.com/cyb3rops/status/642655155431821312 https://t.co/bSLXnFLX0W https://github.com/fatiherikli/fil/blob/master/README.md https://twitter.com/cyb3rops/status/642626537884397568 https://twitter.com/cyb3rops/status/642626146333499392 https://t.co/9vC8WLlc7J https://github.com/cyrus-and/gdb-dashboard https://twitter.com/cyb3rops/status/642625370458595328 
http://t.co/wQIhsObDAX http://seclist.us/weeman-http-server-for-phishing.html https://twitter.com/cyb3rops/status/642379531911843840 http://t.co/jX31YRjQ0o http://arstechnica.com/security/2015/09/security-company-sues-to-bar-disclosure-related-to-its-own-flaws/ https://twitter.com/cyb3rops/status/642379360201244672 http://t.co/3W6BwxNVid http://arstechnica.com/security/2015/09/new-stats-show-ashley-madison-passwords-are-just-as-weak-as-all-the-rest/ https://twitter.com/cyb3rops/status/642375360202584066 https://t.co/hTvzIewHuz https://www.fireeye.com/blog/threat-research/2015/09/attack_exploitingmi.html https://twitter.com/cyb3rops/status/642336360418934784 http://t.co/SUlBcseMYE http://seclist.us/ht-wps-breaker-bash-script-for-help-to-extract-the-wps-pin-of-many-vulnerable.html https://twitter.com/cyb3rops/status/642255538617753602 http://t.co/z2Mm2qZOtI http://eo.oe.kiwi https://twitter.com/cyb3rops/status/642245976347013120 http://t.co/L3V9w3N7lw http://www.usatoday.com/story/cybertruth/2013/09/24/investors-lured-by-fireeyes-likely-explosive-growth/2856849/ https://twitter.com/cyb3rops/status/642243679969746944 https://twitter.com/cyb3rops/status/642242427944837120 https://twitter.com/cyb3rops/status/642216256817524736 https://t.co/T4BINpLfNl https://adsecurity.org/?p=1714 https://twitter.com/cyb3rops/status/642213755766636544 http://t.co/UuvezL9dDV http://seclists.org/fulldisclosure/2015/Sep/38 https://twitter.com/cyb3rops/status/642071446508933120 https://t.co/84yT5eH3Iv https://t.co/iywqUPjOUE https://github.com/Neo23x0/Loki/blob/master/signatures/gen_gpp_cpassword.yar https://twitter.com/piotrkijewski/status/642040765745614852 https://twitter.com/cyb3rops/status/642040790634655744 https://t.co/bxZ7Xb45EO https://securityintelligence.com/an-overnight-sensation-corebot-returns-as-a-full-fledged-financial-malware/ https://twitter.com/cyb3rops/status/641998481167679488 http://t.co/BdCJStgdcr http://www.forensicfocus.com/News/article/sid=2491/ 
https://twitter.com/cyb3rops/status/641998300296646656 https://t.co/ej90ZiGXSE https://github.com/Xyl2k/TSA-Travel-Sentry-master-keys https://twitter.com/cyb3rops/status/641998158189494272 http://t.co/N5jGIPqFrm http://blog.checkpoint.com/2015/09/10/analysis-of-the-sality-gambling-campaign/ https://twitter.com/cyb3rops/status/641991539531599872 https://t.co/Sq2IkQuoji https://github.com/Neo23x0/Loki/blob/master/signatures/gen_thumbs_cloaking.yar https://twitter.com/cyb3rops/status/641942634425135104 http://t.co/sBtlbbcOpd http://securityaffairs.co/wordpress/40019/hacking/windows-media-center-ht-bug.html https://twitter.com/cyb3rops/status/641942568570331136 http://t.co/kIDp4lX6Ru http://blog.malwarebytes.org/fraud-scam/2015/09/obfuscated-urls-where-is-that-link-taking-you/ https://twitter.com/cyb3rops/status/641704540241272832 https://t.co/MKthHOgbS7 https://github.com/RobBollons/passbox/blob/master/README.md https://twitter.com/cyb3rops/status/641682096247996416 http://t.co/Xf4yeeHBTN http://stackoverflow.com/questions/20328422/what-share-mode-is-used-when-files-are-opened-using-open https://twitter.com/cyb3rops/status/641681093964509184 https://t.co/0gKF3kZicE https://msdn.microsoft.com/en-us/library/windows/desktop/aa363874(v=vs.85).aspx https://twitter.com/cyb3rops/status/641678887093673984 https://twitter.com/cyb3rops/status/641675554765320192 https://t.co/3flACWzTOq https://securityintelligence.com/certificates-as-a-service-code-signing-certs-become-popular-cybercrime-commodity/ https://twitter.com/cyb3rops/status/641587854582394880 http://t.co/knuGxNs49M http://blog.trendmicro.com/trendlabs-security-intelligence/shadow-force-uses-dll-hijacking-targets-south-korean-company/ https://twitter.com/cyb3rops/status/641587732293287936 http://t.co/lkPfJvlEdS http://www.reddit.com/r/Malware/comments/3k84kc/skiddos_using_google_network_to_spread_upx_custom/ https://twitter.com/cyb3rops/status/641484980850458624 http://t.co/5lHLQxykwI 
http://blog.trendmicro.com/trendlabs-security-intelligence/windows-media-center-hacking-team-bug-fixed-in-september-2015-patch-tuesday/ https://twitter.com/cyb3rops/status/641484654105767936 http://t.co/sHd8YrwsDL http://seclist.us/updates-powermemory-v-0-2-exploit-the-credentials-present-in-files-and-memory.html https://twitter.com/cyb3rops/status/641379664838139904 https://t.co/2tICC9Lxgm https://twitter.com/relyze/status/640943645240217600 https://twitter.com/cyb3rops/status/641371242864484352 http://t.co/VC0ac5fVeU http://arstechnica.com/information-technology/2015/09/researchers-respond-to-developers-accusation-that-they-used-crypto-wrong/ https://twitter.com/cyb3rops/status/641361341891018752 http://t.co/IABHvTVYi4 http://blogs.cisco.com/security/talos/vulnerability-spotlight-microsoft-cddfont https://twitter.com/cyb3rops/status/641340882558414848 https://t.co/84yT5epsjV https://github.com/Neo23x0/Loki/blob/master/signatures/gen_gpp_cpassword.yar https://twitter.com/cyb3rops/status/641325016886415360 http://t.co/cU8lABQfP5 http://www.williballenthin.com/blog/2015/09/08/parsing-binary-data-with-%60vstruct%60/ https://twitter.com/cyb3rops/status/641309836060270592 http://t.co/xq9iipMeSb http://www.csoonline.com/article/2981474/vulnerabilities/researcher-to-fireeye-if-youre-not-paying-im-not-talking.html https://twitter.com/cyb3rops/status/641308202005606400 http://t.co/DVs4egMgMj http://blog.airbuscybersecurity.com/post/2015/08/Volatility-plugin-for-PlugX-updated https://twitter.com/cyb3rops/status/641306823925088257 http://t.co/o4oCci0D8Y http://www.malwaretech.com/2015/09/advanced-desktop-application-sandboxing.html https://twitter.com/cyb3rops/status/641230029486206977 http://t.co/noW0aADGje http://www.grouppolicy.biz/2013/11/why-passwords-in-group-policy-preference-are-very-bad/ https://twitter.com/cyb3rops/status/641210046542671872 http://t.co/kL8F0OObkH http://www.harmj0y.net/blog/redteaming/the-trustpocalypse/ 
https://twitter.com/cyb3rops/status/641127409853575168 http://t.co/4FdW83w6Un http://blog.fox-it.com/2015/09/07/the-state-of-ransomware-in-2015/ https://twitter.com/cyb3rops/status/640960015013179394 https://t.co/87KyFUVzUv https://t.co/GNxE9eoL6x https://github.com/dfletcher/tsws/blob/master/README.md https://twitter.com/nixcraft/status/640602476077445120 https://twitter.com/cyb3rops/status/640951571925323780 https://t.co/9y1BSJbP7R https://isc.sans.edu/diary.html?storyid=20125&rss https://twitter.com/cyb3rops/status/640950605499006976 http://t.co/vSiT94ohD0 http://www.darknet.org.uk/2015/09/gcat-python-backdoor-using-gmail-for-command-control/ https://twitter.com/cyb3rops/status/640880352995737601 https://t.co/igZtIzL2M8 https://www.exploit-db.com/exploits/38090/ https://twitter.com/cyb3rops/status/640758450130145280 http://t.co/QPqyr53Ml8 http://samvartaka.github.io/malware/2015/09/07/poison-ivy-reliable-exploitation/ https://twitter.com/cyb3rops/status/640545648111185921 https://t.co/A0qxsoJAgB https://www.bsk-consulting.de/2015/09/06/splunk-threat-intel-ioc-integration-via-lookups/ https://twitter.com/cyb3rops/status/640503863766843392 https://t.co/0m6OKjAJMA https://blog.mozilla.org/security/2015/09/04/improving-security-for-bugzilla/ https://twitter.com/cyb3rops/status/640502709213372416 http://t.co/FBoW7zsg5M http://seclist.us/appsecswissknife-open-source-network-scanning-tool-for-internal-and-external-infrastracture-vulnerability-scanning.html https://twitter.com/cyb3rops/status/640445880512970752 https://t.co/FM5Sb9px5K https://github.com/shockone/black-screen/blob/master/README.md https://twitter.com/cyb3rops/status/640297396057059333 http://t.co/fSggio61Ge http://seclist.us/bedfuzzer-an-bruteforce-exploit-detector.html https://twitter.com/cyb3rops/status/640216627615809536 http://t.co/hTt1TmeRb6 http://seclist.us/sneakyservice-a-simple-c-windows-service-implementation-that-can-be-used-to-demonstrate-privilege-escalation.html 
https://twitter.com/cyb3rops/status/640207161784684544 http://t.co/UAM1CIE6ix http://blog.vectranetworks.com/blog/belkin-analysis https://twitter.com/cyb3rops/status/640195285424177153 https://twitter.com/cyb3rops/status/640178116653154304 https://t.co/zLJtApLNjW https://github.com/gilgigilgil/anderson.vim https://twitter.com/cyb3rops/status/640168530856529920 http://t.co/qvyXWuqPnj http://windowsir.blogspot.de/2015/09/registry-analysis.html?m=1 https://twitter.com/cyb3rops/status/639887469694054408 http://t.co/eDwxMEEdH3 http://seclist.us/mailraider-v0-1-released-powershell-ms-outlook-enumeration-and-internal-phishing-tool.html https://twitter.com/cyb3rops/status/639851159268818948 http://t.co/4UEsBLzo8C http://www.virusbtn.com/blog/2015/09_04.xml?rss https://twitter.com/cyb3rops/status/639850915487444992 http://t.co/ZTYaQE9kK8 http://arstechnica.com/security/2015/09/ms-researchers-claim-to-crack-encrypted-database-with-old-simple-trick/ https://twitter.com/cyb3rops/status/639821482915438592 http://t.co/bXkIszZOOn http://www.devconsole.info/?page_id=1370 https://twitter.com/cyb3rops/status/639820606716964864 https://t.co/5dtEdG3HVg https://securityintelligence.com/side-channel-attacks-against-multicore-processors-in-cross-vm-scenarios-part-iii/ https://twitter.com/cyb3rops/status/639820080860237827 https://t.co/3ePAwwLtdf https://securityintelligence.com/an-example-of-common-string-and-payload-obfuscation-techniques-in-malware/ https://twitter.com/cyb3rops/status/639819868964044801 http://t.co/6haWXToQOG http://arstechnica.com/security/2015/09/serious-bug-causes-quite-a-few-https-sites-to-reveal-their-private-keys/ https://twitter.com/cyb3rops/status/639802317940912128 https://twitter.com/cyb3rops/status/639771488703352832 http://t.co/MbMY1Ts3UI http://www.net-security.org/article.php?id=2378 https://twitter.com/cyb3rops/status/639560578613252096 https://t.co/KNHR904GKG https://twitter.com/PhysicalDrive0/status/639536477031006208 
https://twitter.com/cyb3rops/status/639552551776571392 https://t.co/fDz0tFPhYi http://t.co/MMWm7WtpA2 https://github.com/Neo23x0/Loki/blob/master/signatures/apt_rocketkitten_keylogger.yar http://pastebin.com/TbD50nps https://twitter.com/cyb3rops/status/639540320758333440 http://t.co/nlVM6ie0oy http://blogs.cisco.com/security/talos/machine-learning-detectors https://twitter.com/cyb3rops/status/639470242138341376 http://t.co/kW99BwBFxh http://www.forensicfocus.com/News/article/sid=2488/ https://twitter.com/cyb3rops/status/639470012219150336 https://t.co/q1xp5eofUQ https://github.com/jemalloc/jemalloc https://twitter.com/cyb3rops/status/639435732361330688 https://twitter.com/cyb3rops/status/639307793032417280 http://t.co/1GEoMv643b http://seclist.us/updates-gef-multi-architecture-gdb-enhanced-features-for-exploiters-reverse-engineers.html https://twitter.com/cyb3rops/status/639176029081370626 http://t.co/mst6Kogavm http://securityaffairs.co/wordpress/39821/hacking/chinese-smartphones-pre-installed-malware.html https://twitter.com/cyb3rops/status/639150388671856641 https://twitter.com/cyb3rops/status/639108419778179073 https://twitter.com/cyb3rops/status/639107956106227712 https://twitter.com/cyb3rops/status/639105956945764352 https://twitter.com/cyb3rops/status/639105197227266049 https://t.co/G4cC2mqhTp https://github.com/iogf/vy https://twitter.com/cyb3rops/status/639085498565283840 http://t.co/BhP2kHhBwx http://seclist.us/bash-scanner-a-fast-way-to-scan-your-server-for-outdated-software-and-potential-exploits.html https://twitter.com/cyb3rops/status/639085094574137344 http://t.co/84k1UHaZ0t http://nakedsecurity.sophos.com/2015/09/02/microsoft-word-intruder-revealed-inside-a-malware-construction-kit/ https://twitter.com/cyb3rops/status/639050307402657793 http://t.co/Owp6zlApHo http://pastebin.com/88HccPWp https://twitter.com/cyb3rops/status/639010856227971072 http://t.co/wrgWjCL64W http://www.net-security.org/secworld.php?id=18809 
https://twitter.com/cyb3rops/status/638850763800903680 http://t.co/SQrc6Biln7 http://www.zerohedge.com/news/2015-09-01/surprise-125-classified-exchanges-show-latest-clinton-e-mail-dump https://twitter.com/cyb3rops/status/638808376005234689 http://t.co/6E0NGxRD75 http://seclists.org/fulldisclosure/2015/Sep/0 https://twitter.com/cyb3rops/status/638808315028467713 http://t.co/fKWfhhn3eS http://krebsonsecurity.com/2015/09/like-kaspersky-russian-antivirus-firm-dr-web-tested-rivals/ https://twitter.com/cyb3rops/status/638808134908289025 http://t.co/DS7CpGMoqc http://seclist.us/dnsaxfr-shell-script-for-testing-dns-axfr-vulnerability.html https://twitter.com/cyb3rops/status/638771638192967680 https://t.co/oxbQ5q6TJ8 https://secure.gd/dl-de-mmwr201502 https://twitter.com/cyb3rops/status/638738257992359936 https://t.co/C6DSaVECqd https://xkcd.com/936/ https://twitter.com/cyb3rops/status/638733268553232384 http://t.co/EJHOtRPnOj http://blog.trendmicro.com/trendlabs-security-intelligence/the-spy-kittens-are-back-an-update-to-rocket-kitten/ https://twitter.com/cyb3rops/status/638732947076612096 http://t.co/VY0nek0Pvv http://arstechnica.com/security/2015/09/lizard-squad-launches-ddos-against-uk-law-enforcement-agency/ https://twitter.com/cyb3rops/status/638732886854762496 http://t.co/ctdC9eiwhT http://seclist.us/updates-3viltwinattacker-v-0-6-4-framework-for-eviltwin-attacks.html https://twitter.com/cyb3rops/status/638671530197680128 http://t.co/i3F4REwzYl http://blog.trendmicro.com/trendlabs-security-intelligence/attackers-target-organizations-in-japan-transform-local-sites-into-cc-servers-for-emdivi-backdoor/ https://twitter.com/cyb3rops/status/638671415806459904 http://t.co/4aJ8dLocYq http://articles.forensicfocus.com/2015/09/01/countering-anti-forensic-efforts-part-1/ https://twitter.com/cyb3rops/status/638593923728977920 https://t.co/37g6Siv0hK https://blogs.mcafee.com/mcafee-labs/best-practices-for-preventing-dridex-infections-2/ 
https://twitter.com/cyb3rops/status/638593532631105536 http://t.co/dsGdRpEP6u http://arstechnica.com/information-technology/2015/08/microsoft-accused-of-adding-spy-features-to-windows-7-8/ https://twitter.com/cyb3rops/status/638593486909009920 http://t.co/yQA2gs2g0p http://seclist.us/katana-v-0-0-0-6-released-framework-multi-tool-for-hackers-professional-security-and-developers.html https://twitter.com/cyb3rops/status/638593314883805184 https://t.co/TkMm68Wj4E https://github.com/OMENScan/AChoir https://twitter.com/cyb3rops/status/638490131616432128 https://t.co/8TwWI1A86K https://securityintelligence.com/shifu-masterful-new-banking-trojan-is-attacking-14-japanese-banks/ https://twitter.com/cyb3rops/status/638458782209699841 https://t.co/6hna7AKHnt https://asert.arbornetworks.com/defending-the-white-elephant/ https://twitter.com/cyb3rops/status/638413210635341824 https://t.co/92eC0mWyUC https://twitter.com/SCMagazine/status/638401079919706112 https://twitter.com/cyb3rops/status/638396707563274240 http://t.co/GMyaaOM4TP http://blog.malwarebytes.org/mac/2015/08/genieo-installer-tricks-keychain/ https://twitter.com/cyb3rops/status/638386057835335680 http://t.co/LF4k6DeOhu http://www.darknet.org.uk/2015/08/tiger-unix-security-audit-intrusion-detection-tool/ https://twitter.com/cyb3rops/status/638360887196315648 http://t.co/PR9ByR3RQy http://researchcenter.paloaltonetworks.com/2015/08/keyraider-ios-malware-steals-over-225000-apple-accounts-to-create-free-app-utopia/ https://twitter.com/cyb3rops/status/638360426959536128 http://t.co/KtnkqE9ALP http://blog.ptsecurity.com/2015/08/positive-technologies-helps-to.html?m=1 https://twitter.com/cyb3rops/status/638360197375918080 http://t.co/BweHyHVR3K http://arstechnica.com/tech-policy/2015/08/white-house-eyes-sanctions-for-china-over-cyber-theft-of-trade-secrets/ https://twitter.com/cyb3rops/status/638330707606130688 https://t.co/vTDzPTlJR0 https://twitter.com/netbiosX/status/638292832386727936 
https://twitter.com/cyb3rops/status/638330369356513280 http://t.co/EOD2ruowpE http://www.mlsec.org/malheur/ https://twitter.com/cyb3rops/status/638087144498667520 https://t.co/iHTQC4XhHJ https://www.owasp.org/images/3/33/Automated-threat-handbook.pdf https://twitter.com/cyb3rops/status/638085680934047748 http://t.co/8UnwqyP75O http://seclist.us/updates-mitmf-v-0-9-8-the-dark-side.html https://twitter.com/cyb3rops/status/638085459516751872 https://t.co/2llhDgFf13 https://splunkbase.splunk.com/app/2655/ https://twitter.com/cyb3rops/status/637743128397615105 http://t.co/LdOQvxYAaj http://seclist.us/powermemory-exploit-the-credentials-present-in-files-and-memory.html https://twitter.com/cyb3rops/status/637561509988728832 http://t.co/IrD4wOf52B https://t.co/MBNKwFPf2O http://pastebin.com/QzRY75Qx https://www.reddit.com/r/technology/comments/3iaqti/remove_these_windows_78_kb_updates_to_stop/cuf17b7 https://twitter.com/cyb3rops/status/637523475612205056 https://twitter.com/cyb3rops/status/637518179821060096 https://t.co/bQCYuRsIPV https://twitter.com/gentilkiwi/status/637402457740562432 https://twitter.com/cyb3rops/status/637516970913628160 http://t.co/8aVsIqpBwS http://www.ghacks.net/2015/08/28/microsoft-intensifies-data-collection-on-windows-7-and-8-systems/ https://twitter.com/cyb3rops/status/637403209234051072 https://t.co/N1g9N1JSYS http://t.co/CezmSrngrw https://otx.alienvault.com/pulse/55e0e7a667db8c7bb8cba381/ http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/regin-analysis.pdf https://twitter.com/cyb3rops/status/637366199106555905 http://t.co/4dUgxf7E9Y http://seclist.us/node-reverse-trojan-is-an-example-of-a-reverse-rat-remote-administration-tool-trojan-horse.html https://twitter.com/cyb3rops/status/637301374129147905 http://t.co/8Zh9zwatOm http://www.symantec.com/connect/blogs/regin-further-unravelling-mysteries-cyberespionage-threat https://twitter.com/cyb3rops/status/637259969495220224 http://t.co/CqdBVyWrkP 
http://www.reddit.com/r/Malware/comments/3ipvp1/55_gb_of_vintage_malaware/ https://twitter.com/cyb3rops/status/637213370534469632 https://t.co/Qo6erAvlGl https://www.proteansec.com/malware-analysis/next-generation-dynamic-analysis-with-panda/ https://twitter.com/cyb3rops/status/637212778852388864 http://t.co/OOaE3YohhA http://blog.didierstevens.com/2015/08/28/test-file-pdf-with-embedded-doc-dropping-eicar/ https://twitter.com/cyb3rops/status/637147500235915264 https://t.co/0OWdxZOVSa https://twitter.com/cricketondns/status/637032342792437760 https://twitter.com/cyb3rops/status/637144728073596929 http://t.co/PVSaYCshTp http://seclist.us/mac4n6-collection-of-forensics-artifacs-location-for-mac-os-x-and-ios.html https://twitter.com/cyb3rops/status/637143982045310980 http://t.co/chCKb0vwSq http://www.ehacking.net/2015/08/agora-goes-offline-over-tor.html https://twitter.com/cyb3rops/status/637143831176179712 https://t.co/Ei6P2wKCn6 https://github.com/h2non/toxy https://twitter.com/cyb3rops/status/637031443953270784 https://t.co/q8ZzTFamvB https://twitter.com/herrcore/status/637015410383044608 https://twitter.com/cyb3rops/status/637030841512820736 http://t.co/83JzdSKPeC http://www.fireeye.com/blog/threat-research/2015/08/ins0mnia_unlimited.html https://twitter.com/cyb3rops/status/636971278323326976 http://t.co/8BEm3s0zmD http://googleadsdeveloper.blogspot.ch/2015/08/handling-app-transport-security-in-ios-9.html?m=1 https://twitter.com/cyb3rops/status/636916399760363520 https://t.co/c260iHluQt https://isc.sans.edu/diary.html?storyid=20079&rss https://twitter.com/cyb3rops/status/636916264011702273 https://t.co/MPxpz2Gq7A https://securelist.com/blog/mobile/71981/taking-root/ https://twitter.com/cyb3rops/status/636898770421219328 https://t.co/TVNnUweWEA https://twitter.com/Cyb3rOps/status/636808192383668224 https://twitter.com/cyb3rops/status/636826646016880640 https://twitter.com/cyb3rops/status/636818457502224384 http://t.co/RWRQjYAAdd 
http://blog.dynamoo.com/2015/08/malware-spam-reresume-leads-to.html?m=1 https://twitter.com/cyb3rops/status/636818323322314752 http://t.co/pnLth4AzuW http://arstechnica.com/security/2015/08/concerns-new-tor-weakness-is-being-exploited-prompt-dark-market-shut-down/ https://twitter.com/cyb3rops/status/636808192383668224 https://twitter.com/cyb3rops/status/636634213685592066 https://t.co/oZb7gxwVht https://www.4armed.com/blog/endgame-attributing-hacking-team-implants-globally https://twitter.com/cyb3rops/status/636612580526673921 https://twitter.com/cyb3rops/status/636607995670077441 https://twitter.com/cyb3rops/status/636598635321540609 http://t.co/ufMA2BbwUc http://www.brimorlabsblog.com/2015/08/publicly-announcing-buatapa.html https://twitter.com/cyb3rops/status/636596461795475456 http://t.co/zZdNRNJPrJ http://blog.malwarebytes.org/fraud-scam/2015/08/rewards-page-promises-discount-for-your-pup-purchase/ https://twitter.com/cyb3rops/status/636596311320625152 https://t.co/N0HWJvzP05 https://www.virusbtn.com/blog/2015/08_26.xml?rss https://twitter.com/cyb3rops/status/636594965913669634 https://t.co/nsZkgTTxLk https://gist.github.com/Neo23x0/e3d4e316d7441d9143c7 https://twitter.com/cyb3rops/status/636592820715978752 https://t.co/nsZkgTTxLk https://gist.github.com/Neo23x0/e3d4e316d7441d9143c7 https://twitter.com/cyb3rops/status/636527624521687042 https://t.co/gIFzSb0V8a https://govolution.wordpress.com/2015/08/26/an-analysis-of-shikata-ga-nai/ https://twitter.com/cyb3rops/status/636527077945180160 http://t.co/HPzgcHw5jZ http://blog.portswigger.net/2015/08/new-release-cycle-for-burp-suite-free.html https://twitter.com/cyb3rops/status/636482621594144769 https://t.co/zjwLAMbiSu https://www.hybrid-analysis.com/sample/9f3c97af3fcd26120968dd01d4a4f255d6f8eee30d34fb2111364b7315ab0ee8?environmentId=5 https://twitter.com/cyb3rops/status/636415767920148480 http://t.co/AjxoCM5i7B http://phish.io/ https://twitter.com/cyb3rops/status/636415140104114176 http://t.co/EhfrgP7tRn 
http://www.hakspek.com/security/windows-script-to-remove-all-windows-10-telemetry-updates/ https://twitter.com/cyb3rops/status/636249867229241348 https://t.co/4555fPWzMH https://github.com/csvoss/oneliner/blob/master/README.md https://twitter.com/cyb3rops/status/636224279290486784 https://t.co/cmbAFGYvAx https://www.virusbtn.com/blog/2015/08_25.xml?rss https://twitter.com/cyb3rops/status/636216191460200448 http://t.co/c9wIdFy7Ze http://blogs.cisco.com/security/talos/sysadmin-phish https://twitter.com/cyb3rops/status/636179183895486465 http://t.co/M1jx6rlcFA http://researchcenter.paloaltonetworks.com/2015/08/rtf-exploit-installs-italian-rat-uwarrior/ https://twitter.com/cyb3rops/status/636167608996397056 http://t.co/vSYWiFZDqQ http://pluginbase.pocoo.org/ https://twitter.com/cyb3rops/status/636155632391950336 https://t.co/lDiUUULqPq https://blog.korelogic.com/blog/2015/01/12 https://twitter.com/cyb3rops/status/636064535842029568 https://t.co/SkmgNbN0NK https://twitter.com/keithtyler/status/635584361472110592 https://twitter.com/cyb3rops/status/635932518026448896 https://twitter.com/cyb3rops/status/635919979716722688 https://t.co/rjDc2syUM1 https://blog.rootshell.be/2015/08/24/sending-windows-event-logs-to-logstash/ https://twitter.com/cyb3rops/status/635918429665538048 http://t.co/2Lhk0Tw5Fy http://blog.dynamoo.com/2015/08/popular-german-wesite-dwdlde-hacked.html https://twitter.com/cyb3rops/status/635918327081250817 http://t.co/5GAFjBA3Cr http://www.malwaretech.com/2015/08/creating-ultimate-tor-virtual-network.html https://twitter.com/cyb3rops/status/635918218943700993 http://t.co/d75UzwoP16 http://www.ehacking.net/2015/08/xssless-automated-xss-payload-generator.html https://twitter.com/cyb3rops/status/635918111930228736 http://t.co/bgu5DaD1rI http://research.zscaler.com/2015/08/signed-dridex-campaign.html?m=1 https://twitter.com/cyb3rops/status/635917877296635904 http://t.co/UQe6b7HOPX 
http://arstechnica.com/science/2015/08/reflective-satellites-may-be-the-future-of-high-end-encryption/ https://twitter.com/cyb3rops/status/635917753262731265 http://t.co/zI2FtQFMDr http://krebsonsecurity.com/2015/08/leaked-ashleymadison-emails-suggest-execs-hacked-competitors/ https://twitter.com/cyb3rops/status/635868247141818370 https://t.co/CyCJnu5fie https://twitter.com/dfkt/status/635816599103119361 https://twitter.com/cyb3rops/status/635866958731325440 https://t.co/IeWVESMe1V https://twitter.com/m3g9tr0n/status/635564771199307776 https://twitter.com/cyb3rops/status/635792847309041664 http://t.co/Ae6am2m61C http://blog.dynamoo.com/2015/08/malware-spam-message-from-scanner.html?m=1 https://twitter.com/cyb3rops/status/635730941063921664 https://twitter.com/cyb3rops/status/635719884358447104 http://t.co/sMCvSDRqKq http://thehackerblog.com/sonar-a-framework-for-scanning-and-exploiting-internal-hosts-with-a-webpage/ https://twitter.com/cyb3rops/status/635718465224114176 http://t.co/d87Yb08KBz http://blog.basementpctech.com/2012/02/incident-response-on-live-unix-system.html?m=1 https://twitter.com/cyb3rops/status/635507875188768768 http://t.co/dQ0T6h08pP http://seclist.us/miscellaneous-implementation-of-some-concepts-in-security-and-exploiting.html https://twitter.com/cyb3rops/status/635418521141383168 http://t.co/4WNqqMmxLy http://m.imgur.com/a/c4WNF https://twitter.com/cyb3rops/status/635417755764813825 http://t.co/JIrerZAHyy http://arstechnica.com/security/2015/08/new-data-uncovers-the-surprising-predictability-of-android-lock-patterns/ https://twitter.com/cyb3rops/status/635211371056078849 http://t.co/thsn7ZQY6R http://www.hexacorn.com/blog/category/malware-analysis/ https://twitter.com/cyb3rops/status/635208999026225152 http://t.co/dvTB5uTbP3 http://blog.invisiblethings.org/2015/04/23/qubes-30rc1-and-roadmap.html https://twitter.com/cyb3rops/status/635203319372337152 http://t.co/nXcnEN5f7k 
http://seclist.us/uac-bypass-vulnerability-in-the-windows-script-host.html https://twitter.com/cyb3rops/status/635203206260355072 http://t.co/L51elNwsmg http://seclist.us/ranger-is-a-penetration-tool-for-automates-identification-viable-target-using-native-protocol.html https://twitter.com/cyb3rops/status/635131909396385792 http://t.co/hP0I2svlvv http://arstechnica.com/security/2015/08/ashley-madison-hackers-leave-footprints-that-may-help-investigators/ https://twitter.com/cyb3rops/status/635094519206293504 http://t.co/3752UyOPAC http://www.kitploit.com/2015/08/katoolin-automatically-install-all-kali.html https://twitter.com/cyb3rops/status/635094479863717888 http://t.co/DeiRh5IFNU http://blog.malwaremustdie.org/2015/08/mmd-0039-2015-chinaz-made-new-malware.html https://twitter.com/cyb3rops/status/635044328080023552 https://twitter.com/cyb3rops/status/634991295216414720 http://t.co/sG0HzmM4q7 http://seclist.us/updates-king-phisher-v-0-3-0-a-phishing-focused-social-engineering-campaign.html https://twitter.com/cyb3rops/status/634859391867482112 http://t.co/5e4Ah3mQ2H http://seclist.us/hta-exploit-microsoft-windows-hta-html-application-remote-code-execution.html https://twitter.com/cyb3rops/status/634817546886230017 http://t.co/ZRvjzAA6o4 http://googleprojectzero.blogspot.com/2015/08/one-font-vulnerability-to-rule-them-all_21.html https://twitter.com/cyb3rops/status/634799252473036800 https://twitter.com/cyb3rops/status/634752143199764480 https://t.co/U5ceU0M5D9 https://www.trustedsec.com/august-2015/the-pentesters-framework-ptf-1-0-released/ https://twitter.com/cyb3rops/status/634752080280977410 http://t.co/yrnHMLAE1m http://blog.malwarebytes.org/online-security/2015/08/exploring-an-mbam-for-windows-10-website/ https://twitter.com/cyb3rops/status/634703115900555264 https://twitter.com/cyb3rops/status/634701195936952320 https://t.co/RQC3iy9NcH https://securelist.com/blog/phishing/71963/a-phishing-trampoline-embedding-redirects-in-pdf-documents/ 
https://twitter.com/cyb3rops/status/634701089477120000 http://t.co/RkzKWsxQGc http://seclist.us/updates-commix-v-0-1b-c537e53-automatic-all-in-one-os-command-injection-and-exploitation-tool.html https://twitter.com/cyb3rops/status/634701013417635841 http://t.co/q41cx97xlW http://arstechnica.com/security/2015/08/nsa-preps-quantum-resistant-algorithms-to-head-off-crypto-apocolypse/ https://twitter.com/cyb3rops/status/634673469867859968 https://t.co/hdPsoWeE6H https://www.virustotal.com/en/file/f1e7793bb589912b3798008e5c3c235bc21369293f5865e45355afc921fe17e5/analysis/ https://twitter.com/cyb3rops/status/634666680204066816 https://t.co/tbc1jC178j https://github.com/Neo23x0/Loki/commit/c090e50de863f509a241a67d0e8a7b8471de0d56 https://twitter.com/cyb3rops/status/634633802644647936 http://t.co/K11rLAnGpP http://pastebin.com/0H6nmeRd https://twitter.com/cyb3rops/status/634627332247027712 https://t.co/of4iVFE91l https://t.co/Umj5P9Fdi9 https://securelist.com/blog/research/71876/new-activity-of-the-blue-termite-apt/ https://github.com/Neo23x0/Loki/blob/master/signatures/apt_bluetermite_emdivi.yar https://twitter.com/cyb3rops/status/634621621173665792 http://t.co/JXsjDBr5BO http://research.zscaler.com/2015/08/neutrino-campaign-leveraging-wordpress.html?m=1 https://twitter.com/cyb3rops/status/634620183991197696 http://t.co/3DTrpwcUeE http://www.kitploit.com/2015/08/whonix-v11-anonymous-operating-system.html https://twitter.com/cyb3rops/status/634482658752466944 http://t.co/7U6EtAV7vq http://pastebin.com/wR8G07Ge https://twitter.com/cyb3rops/status/634473855864676352 http://t.co/PQgaVAbKcw http://researchcenter.paloaltonetworks.com/2015/08/retefe-banking-trojan-targets-sweden-switzerland-and-japan/ https://twitter.com/cyb3rops/status/634461159043821568 https://t.co/6HoNuWy93m https://blog.protonmail.ch/protonmail-android-and-ios-mobile-app-beta/ https://twitter.com/cyb3rops/status/634447829352775684 https://t.co/g1CvRG2ygW 
https://www.trustedsec.com/august-2015/second-larger-ashley-madison-dump-released/ https://twitter.com/cyb3rops/status/634440418801942528 http://t.co/t0LGQcDUpD http://blog.shadowserver.org/2015/08/10/the-italian-connection-an-analysis-of-exploit-supply-chains-and-digital-quartermasters/ https://twitter.com/cyb3rops/status/634439877522780160 http://t.co/wTHIqu0JTy https://t.co/adKwayXA2B http://www.symantec.com/connect/blogs/new-internet-explorer-zero-day-exploited-hong-kong-attacks https://github.com/Neo23x0/Loki/blob/master/signatures/apt_korplug_fast.yar https://twitter.com/cyb3rops/status/634432628951810048 https://t.co/q36Nj0KHlu https://otx.alienvault.com/pulse/55d4be3b67db8c37b0a34f75/ https://twitter.com/cyb3rops/status/634393795979800576 https://t.co/of4iVFE91l https://securelist.com/blog/research/71876/new-activity-of-the-blue-termite-apt/ https://twitter.com/cyb3rops/status/634392742257426432 https://t.co/9SNTZS5QvE https://community.rapid7.com/community/infosec/blog/2015/08/20/the-absence-of-evidence-in-breaches https://twitter.com/cyb3rops/status/634392573298221057 https://t.co/Csu6KRawov https://securityintelligence.com/dyre-summer-renovation-randomized-config-file-names-keep-antivirus-engines-guessing/ https://twitter.com/cyb3rops/status/634377670386667521 https://twitter.com/cyb3rops/status/634304120938188800 https://twitter.com/cyb3rops/status/634295991710150656 https://twitter.com/cyb3rops/status/634260991954558976 http://t.co/znX83fqnWE http://seclist.us/k-search-shodan-api-bug-finder.html https://twitter.com/cyb3rops/status/634260785489965056 https://t.co/4ersgnkdZe https://github.com/byt3bl33d3r/CrackMapExec https://twitter.com/cyb3rops/status/634069302476410880 https://t.co/fsscoWWUtZ https://community.rapid7.com/community/metasploit/blog/2015/08/19/workspace-in-your-prompt https://twitter.com/cyb3rops/status/634063958194974720 https://t.co/xTDEQc9Qyl https://github.com/google/binnavi https://twitter.com/cyb3rops/status/634058353463947265 
https://t.co/kPNAvliEDj https://digital-forensics.sans.org/blog/2015/08/19/device-profiling-with-windows-prefetch https://twitter.com/cyb3rops/status/634057962772897792 https://t.co/e4GcE9LvvG https://github.com/ksantr/PyNcat/blob/master/README.md https://twitter.com/cyb3rops/status/634028845927112709 https://t.co/jXaqOIjWTd https://securelist.com/blog/security-policies/71915/indicators-of-compromise-as-a-way-to-reduce-risk/ https://twitter.com/cyb3rops/status/633878430942130176 https://t.co/OhQ8krYj65 https://www.trustedsec.com/august-2015/ashley-madison-database-dumped/ https://twitter.com/cyb3rops/status/633878171687981056 https://t.co/syWmL08BGL https://adsecurity.org/?p=1681 https://twitter.com/cyb3rops/status/633758716790181888 https://t.co/9UhvML9y9m https://twitter.com/PythonWeekly/status/633715050843385857 https://twitter.com/cyb3rops/status/633757168177573889 https://t.co/cGN7HC7SSi https://twitter.com/malwaremagpie/status/633752909264478208 https://twitter.com/cyb3rops/status/633756919258181632 https://t.co/DfJM1aXW94 https://blog.protonmail.ch/protonmail-open-source/ https://twitter.com/cyb3rops/status/633708524699320321 http://t.co/zPG3NnLF4s http://seclist.us/distro_checker-v-1-0-1-released-cross-distribution-exploit-testing.html https://twitter.com/cyb3rops/status/633691367210909696 https://twitter.com/cyb3rops/status/633684410219524096 https://t.co/mXTKBHXPwn https://securityintelligence.com/gozi-goes-to-bulgaria-is-cybercrime-heading-to-less-chartered-territory/ https://twitter.com/cyb3rops/status/633672073865465860 http://t.co/6BXzMxIpTv http://securityaffairs.co/wordpress/39419/cyber-crime/ransomware-open-source.html https://twitter.com/cyb3rops/status/633641275699367940 http://t.co/7mBxR2rSqX http://resources.infosecinstitute.com/when-you-cant-arpspoof/ https://twitter.com/cyb3rops/status/633641103082831872 http://t.co/giTbWDlifT http://blog.checkpoint.com/2015/08/18/javascript-hooking-malicious-website-research-tool/ 
https://twitter.com/cyb3rops/status/633531822169829376 http://t.co/5EN7hWyd5g http://krebsonsecurity.com/2015/08/how-not-to-start-an-encryption-company/ https://twitter.com/cyb3rops/status/633519467855745024 http://t.co/Gd8hcszICQ http://seclist.us/updates-msfvenom-payload-creator-mpc-v-1-3-2.html https://twitter.com/cyb3rops/status/633515517035290624 https://t.co/cq76LbI9jC https://blog.torproject.org/blog/tor-browser-501-released https://twitter.com/cyb3rops/status/633281264569683968 https://t.co/lozoU7r14V https://github.com/n1nj4sec/pr0cks https://twitter.com/cyb3rops/status/633280838097084416 http://t.co/nccYnHa4D3 http://www.welivesecurity.com/2015/08/17/bittorrent-family-susceptible-drdos-attacks/ https://twitter.com/cyb3rops/status/633247414615429120 https://t.co/9SkHDBMXIq https://github.com/yudai/gotty https://twitter.com/cyb3rops/status/633246960103878656 http://t.co/miCPJ9cv9b http://blog.0x3a.com/post/126900680679 https://twitter.com/cyb3rops/status/633168466774769664 http://t.co/BXFWmmVB14 http://www.reddit.com/r/Malware/comments/3h9lkw/trojan_sent_to_dead_prosecutor_in_argentina/ https://twitter.com/cyb3rops/status/633035676586541056 http://t.co/dn2SVBn8wp http://seclist.us/updates-empire-v-1-1-powershell-post-exploitation-agent.html https://twitter.com/cyb3rops/status/632922269963186176 https://t.co/NfAbdSBdBa https://github.com/johnkerl/miller https://twitter.com/cyb3rops/status/632878652057894913 https://t.co/g8LeVGRk5Z https://lab.pentestit.ru/pentestlabs/3 https://twitter.com/cyb3rops/status/632537376116592640 http://t.co/kJs5wbEFeU http://www.hexacorn.com/blog/ https://twitter.com/cyb3rops/status/632507452404142080 https://t.co/ZYt0kAkvmI https://www.reddit.com/r/netsec/comments/3h1qqu/nsa_updates_suite_b_crypto_to_shift_to_quantum/ https://twitter.com/cyb3rops/status/632507138926084096 http://t.co/Ht1DFVbKDH http://seclist.us/kelogger24-is-a-fully-functional-application-for-recording-keystrokes.html 
https://twitter.com/cyb3rops/status/632262876837904384 http://t.co/D74TkUtvGY http://arstechnica.com/security/2015/08/report-claims-kaspersky-faked-malware-to-trip-up-competitors-products/ https://twitter.com/cyb3rops/status/632262235126108160 http://t.co/n8xjC7kL0S http://research.zscaler.com/2015/08/chinese-cyber-espionage-apt-group.html?m=1 https://twitter.com/cyb3rops/status/632261184289378304 http://t.co/ERqLwPh92J http://blog.malwarebytes.org/fraud-scam/2015/08/eurocentric-ransomware-spam-in-circulation/ https://twitter.com/cyb3rops/status/632183705973456896 https://t.co/6vvGymIXHb http://www.securitysift.com/pecloak-py-an-experiment-in-av-evasion/ https://twitter.com/cyb3rops/status/632149564171153408 http://t.co/6vvGymIXHb http://www.securitysift.com/pecloak-py-an-experiment-in-av-evasion/ https://twitter.com/cyb3rops/status/632118978769518592 http://t.co/3EQG4NAvLo http://seclist.us/pecloak-py-beta-a-multi-pass-encoder-heuristic-sandbox-bypass-av-evasion-tool.html https://twitter.com/cyb3rops/status/632058007740919808 https://twitter.com/cyb3rops/status/632056871210369024 http://t.co/LnSbXrfVEp http://seclist.us/ms15-034-scanner-application-that-supports-scanning-for-ms15-034-vulnerability-over-http-https.html https://twitter.com/cyb3rops/status/632056017614962688 https://t.co/hvukvNiNAD https://m.youtube.com/watch?v=7rkRLn6Cu5o https://twitter.com/cyb3rops/status/632055399978504192 https://t.co/r3mXRbJfEW https://blog.hboeck.de/archives/874-More-TLS-Man-in-the-Middle-failures-Adguard,-Privdog-again-and-ProtocolFilters.dll.html https://twitter.com/cyb3rops/status/632055349554610178 http://t.co/7SenKd32Mu http://seclist.us/amazon-scraper-amazon-multi-account-order-history-scraper-including-bypass-login-verifications.html https://twitter.com/cyb3rops/status/632055085359591424 https://t.co/vauZz8IcPA 
https://nakedsecurity.sophos.com/2015/08/13/apple-issues-updates-for-lots-of-critical-holes-patch-now/?utm_source=Naked%2520Security%2520-%2520Feed&utm_medium=feed&utm_content=rss2&utm_campaign=Feed https://twitter.com/cyb3rops/status/632054686737149952 https://t.co/1Qu4MjnINU https://adsecurity.org/?p=1667 https://twitter.com/cyb3rops/status/632053412574666756 https://t.co/AARMcQWTZp https://github.com/NytroRST/NetRipper https://twitter.com/cyb3rops/status/631896107770118144 http://t.co/wvg9wK6WeU http://googleprojectzero.blogspot.com/2015/08/one-font-vulnerability-to-rule-them-all_13.html https://twitter.com/cyb3rops/status/631896066896601088 http://t.co/6xmJtVPlKQ http://arstechnica.com/security/2015/08/isps-e-mail-password-reset-system-is-a-guy-named-shawn/ https://twitter.com/cyb3rops/status/631854462945087488 http://t.co/haDNEbyhm3 http://resources.infosecinstitute.com/yara-simple-effective-way-dissecting-malware/ https://twitter.com/cyb3rops/status/631852617975599105 http://t.co/H4CTebj6JG http://articles.forensicfocus.com/2015/08/06/standard-processes-in-windows-10/ https://twitter.com/cyb3rops/status/631847915237957632 http://t.co/POJpXSMdSK http://www.cyintanalysis.com/threat-analysis-poison-ivy-and-links-to-an-extended-plugx-campaign/ https://twitter.com/cyb3rops/status/631814636665487360 https://twitter.com/cyb3rops/status/631813237357551617 https://t.co/wd1Q6mBZzy https://twitter.com/fredvries/status/631812429563957248 https://twitter.com/cyb3rops/status/631714909101928448 http://t.co/4MwyziWiL9 http://t.co/pmcjR17oFA http://NYTimes.com http://mobile.nytimes.com/2015/08/12/business/dealbook/insider-trading-sec-hacking-case.html?_r=0&referrer= https://twitter.com/cyb3rops/status/631713615675031552 http://t.co/K7gisHxs5t http://blog.didierstevens.com/2015/08/13/update-pdf-parser-0-6-4/ https://twitter.com/cyb3rops/status/631713487048339456 https://t.co/r3mXRbJfEW 
https://blog.hboeck.de/archives/874-More-TLS-Man-in-the-Middle-failures-Adguard,-Privdog-again-and-ProtocolFilters.dll.html https://twitter.com/cyb3rops/status/631713283435835392 http://t.co/cS02ppNvJV http://cyber-defense.sans.org/blog/2015/08/13/powershell-for-keepass-sample-script https://twitter.com/cyb3rops/status/631712967244009472 http://t.co/Ar3yMfGomo http://seclist.us/harness-interactive-remote-powershell-payload.html https://twitter.com/cyb3rops/status/631582537622663168 https://t.co/MVHoAOIoPM https://blog.docker.com/2015/08/content-trust-docker-1-8/ https://twitter.com/cyb3rops/status/631524794626887681 https://t.co/yCbbQUr0AD https://blogs.securiteam.com/index.php/archives/2550 https://twitter.com/cyb3rops/status/631524372562489344 http://t.co/JXGTJmTLXy http://seclist.us/updates-the-backdoor-factory-bdf-v-3-1-2-patch-pe-elf-mach-o-binaries-with-shellcode.html https://twitter.com/cyb3rops/status/631523763927023616 http://t.co/BzqaUDvJmV http://securityaffairs.co/wordpress/39301/cyber-crime/microsoft-fixes-usb-exploit.html https://twitter.com/cyb3rops/status/631514817799585792 https://t.co/i3iVYYKQwX https://t.co/04BkoTOjfW https://www.hybrid-analysis.com/sample/c9d01fa8c416b3a61b484e9acaf98924055afd2498f2677a6cdb3fce8461412d?environmentId=5 https://www.virustotal.com/en/file/9baff6ca6c59472709d4ca39aa0366231f3e0d2c7d4120baf75e4b2bacee4b62/analysis/ https://twitter.com/cyb3rops/status/631489102865657860 https://twitter.com/cyb3rops/status/631487107962421252 https://twitter.com/cyb3rops/status/631478534142357504 https://t.co/e4u1kXNDFz https://isc.sans.edu/diary.html?storyid=20029&rss https://twitter.com/cyb3rops/status/631478436842840064 https://t.co/UoMn6rSJdR https://securityintelligence.com/tinba-trojan-sets-its-sights-on-romania/ https://twitter.com/cyb3rops/status/631463989919264769 http://t.co/t0LGQcDUpD https://t.co/frdlcLjZOn 
http://blog.shadowserver.org/2015/08/10/the-italian-connection-an-analysis-of-exploit-supply-chains-and-digital-quartermasters/ https://www.virustotal.com/en/file/15f200e6906c1e1f9526c077928a8ba315f089d535357f0b29227733080a588e/analysis/ https://twitter.com/cyb3rops/status/631444964975726593 http://t.co/2ubu6sPuw7 http://contagiodump.blogspot.de/2015/08/potao-express-samples.html https://twitter.com/cyb3rops/status/631444554688897024 http://t.co/TcwRM9hWkj http://ift.tt/1IYFzGL https://twitter.com/cyb3rops/status/631439465177874432 http://t.co/ZAPnmKkNUq http://aaronyool.blogspot.de/2015/08/hax-4-snacks-part-1.html?m=1 https://twitter.com/cyb3rops/status/631434344268214272 https://t.co/QnnWgR2gha https://www.blackhat.com/docs/us-14/materials/us-14-Kamluk-Computrace-Backdoor-Revisited-WP.pdf https://twitter.com/cyb3rops/status/631431776112656385 https://t.co/QnnWgR2gha https://www.blackhat.com/docs/us-14/materials/us-14-Kamluk-Computrace-Backdoor-Revisited-WP.pdf https://twitter.com/cyb3rops/status/631196921416318976 http://t.co/PWyTuU17Kz http://arstechnica.com/information-technology/2015/08/the-nsa-playset-espionage-tools-for-the-rest-of-us/ https://twitter.com/cyb3rops/status/631196277120868352 https://t.co/0OLVPzr8i9 https://community.rapid7.com/community/metasploit/blog/2015/08/11/metasploit-local-exploit-suggester-do-less-get-more https://twitter.com/cyb3rops/status/631196087148281856 http://t.co/AA2jzmgSNX http://www.fireeye.com/blog/threat-research/2015/08/malware_lateral_move.html https://twitter.com/cyb3rops/status/631158498462724096 http://t.co/Xbs8H0ndvK https://t.co/4EmhYUxUWc http://Kali.org https://www.reddit.com/r/hacking/comments/3glt87/kali_linux_20_kali_sana_released_download_here_at/ https://twitter.com/cyb3rops/status/631121799766536192 http://t.co/owGe0cZtu1 http://arstechnica.com/information-technology/2015/08/oracle-security-chief-to-customers-stop-checking-our-code-for-vulnerabilities/ https://twitter.com/cyb3rops/status/631099273346727936 
http://t.co/wHWzrxtKG5 http://seclist.us/poc-wmi_backdoor-is-a-crude-wmi-backdoor-disclousure.html https://twitter.com/cyb3rops/status/631097861078429696 http://t.co/U2YFs5wlwY http://securityaffairs.co/wordpress/39270/cyber-crime/vbe-files-financial-fraud.html https://twitter.com/cyb3rops/status/630973570064248832 http://t.co/t0LGQcDUpD http://blog.shadowserver.org/2015/08/10/the-italian-connection-an-analysis-of-exploit-supply-chains-and-digital-quartermasters/ https://twitter.com/cyb3rops/status/630972865349844992 http://t.co/050JGdWShZ http://sockpuppet.org/blog/2015/08/04/is-extended-random-malicious/ https://twitter.com/cyb3rops/status/630828899799318528 https://t.co/8dn3o4p1fw https://isc.sans.edu/diary.html?storyid=20019&rss https://twitter.com/cyb3rops/status/630812886236065792 https://t.co/nj7dxkFyCn https://github.com/minimaxir/big-list-of-naughty-strings https://twitter.com/cyb3rops/status/630741008150609920 https://twitter.com/cyb3rops/status/630739402818473985 https://t.co/T0iQcDAvAD https://securelist.com/blog/research/71713/darkhotels-attacks-in-2015/ https://twitter.com/cyb3rops/status/630709402845224960 http://t.co/ZSpW2aZPS0 http://researchcenter.paloaltonetworks.com/2015/08/whats-next-in-malware-after-kuluoz/ https://twitter.com/cyb3rops/status/630581620119064577 http://t.co/c5pC8ZbbPP http://seclist.us/skypedestroyer-v-0-1-released-exploits-headers-and-the-skype-protocol.html https://twitter.com/cyb3rops/status/630527747186642944 http://t.co/dXGDBBQ7Oh http://blogs.technet.com/b/mmpc/archive/2015/08/09/emerging-ransomware-troldesh.aspx https://twitter.com/cyb3rops/status/630482504512851969 https://twitter.com/cyb3rops/status/630480687141941249 https://twitter.com/cyb3rops/status/630480163193647104 http://t.co/8UUhsiNR9w http://www.gmer.net https://twitter.com/cyb3rops/status/630477594266308609 https://twitter.com/cyb3rops/status/630473823738064897 http://t.co/AyCdVorXoN http://articles.forensicfocus.com/2015/07/29/nas-forensics-explained/ 
https://twitter.com/cyb3rops/status/630438548760592385 https://t.co/bcE8FBW1ko https://github.com/securesean?tab=repositories https://twitter.com/cyb3rops/status/630423533487792129 https://twitter.com/cyb3rops/status/630421508444323840 http://t.co/1kpgQhTTQZ http://seclist.us/leakytap-released-is-a-proof-of-concept-gpg-backdoor.html https://twitter.com/cyb3rops/status/630421304554991616 https://t.co/7ou827hTm7 https://github.com/p-e-w/krill https://twitter.com/cyb3rops/status/630297810928275456 https://twitter.com/cyb3rops/status/630296392397926401 https://t.co/B5c2nAogtM https://t.co/KpOQmNVNmX https://malware-research.org/prepare-father-of-stuxnet-news-are-coming/ https://github.com/Neo23x0/Loki/blob/master/signatures/apt_cheshirecat.yar https://twitter.com/cyb3rops/status/630270286110322688 http://t.co/faIb8wEwcp http://blogs.cisco.com/security/talos/detecting-dga https://twitter.com/cyb3rops/status/630266684692168704 https://t.co/jmRJEaSpKA https://www.reddit.com/r/netsec/comments/3gbekl/x86_design_flaw_allowing_universal_privilege/ https://twitter.com/cyb3rops/status/630200586332274689 http://t.co/8qjGYSgqsG http://blog.hackersonlineclub.com/2015/08/chinese-hackers-attack-on-american.html https://twitter.com/cyb3rops/status/630200131858628608 https://twitter.com/cyb3rops/status/630167612924764160 https://twitter.com/cyb3rops/status/630164470560595968 https://t.co/q8FcEr1FUo https://www.fireeye.com/blog/threat-research/2015/08/windows_managementi.html https://twitter.com/cyb3rops/status/630130413181227008 http://t.co/lZazfLDKML http://seclists.org/fulldisclosure/2015/Aug/21 https://twitter.com/cyb3rops/status/630125466410700800 https://t.co/fdFM9zjf3S https://github.com/fireeye/flare-wmi/blob/master/WMI-IDS/README.md https://twitter.com/cyb3rops/status/630121744666378240 https://t.co/pBRh3uiwXS https://github.com/fireeye/flare-wmi/blob/master/python-cim/README.md https://twitter.com/cyb3rops/status/630087335221305345 https://t.co/BU4Nb5jRpL 
https://objective-see.com/products/dhs.html https://twitter.com/cyb3rops/status/630064282928082944 https://twitter.com/cyb3rops/status/630047872122265600 http://t.co/SiDjXuYcL0 http://itsjack.cc/blog/2015/08/fighterpos-diy-malware/ https://twitter.com/cyb3rops/status/629916316472881152 http://t.co/asSZRGumpF http://www.zdnet.com/article/hackers-can-remotely-steal-fingerprints-from-android-phones/ https://twitter.com/cyb3rops/status/629801094424752128 https://t.co/TMKYh8daLV https://n0where.net/sql-injection-detection-engine-sqlchop/ https://twitter.com/cyb3rops/status/629795570090164226 https://t.co/DAdo3h8Bw6 https://github.com/Rich5/Harness/blob/master/README.md https://twitter.com/cyb3rops/status/629783938261762048 http://t.co/xQqPahPJA5 http://seclist.us/acat-access-control-attack-tool.html https://twitter.com/cyb3rops/status/629783617011621888 http://t.co/wDV8s19t1i http://blog.malwarebytes.org/intelligence/2015/08/rainbows-steganography-and-malware-in-a-new-net-cryptor/ https://twitter.com/cyb3rops/status/629755230725517312 https://t.co/UlspvjZ0EF https://www.microsoft.com/en-us/download/details.aspx?id=46899 https://twitter.com/cyb3rops/status/629745645528698880 https://t.co/dfHJ58HVBv https://github.com/nidem/kerberoast/ https://twitter.com/cyb3rops/status/629726347301138432 http://t.co/RO2aKNadTd http://aaronyool.blogspot.fi/2015/08/alphanumeric-shellcode-example-for.html?m=1 https://twitter.com/cyb3rops/status/629725097977376768 http://t.co/UsHqPFXo62 http://seclist.us/updates-netool-sh-v-4-5-mitm-pentesting-opensource-t00lkit.html https://twitter.com/cyb3rops/status/629676209417396224 https://t.co/uNm714o5HB https://github.com/torque59/Nosql-Exploitation-Framework/tree/master https://twitter.com/cyb3rops/status/629658692795920384 https://t.co/UgdrfMWZYi http://t.co/pZuYlnrJcN https://github.com/Neo23x0/Loki/blob/master/signatures/apt_threatgroup_3390.yar http://snip.ly/giNB https://twitter.com/cyb3rops/status/629651243275784192 http://t.co/ru8AVZ7PtE 
http://www.csoonline.com/article/2961066/supply-chain-security/ubiquiti-networks-victim-of-39-million-social-engineering-attack.html https://twitter.com/cyb3rops/status/629644543160401920 http://t.co/zCPE9EIefS http://www.zdnet.com/article/mozilla-urges-users-to-update-firefox-with-file-stealing-exploit-in-wild https://twitter.com/cyb3rops/status/629474187351035904 http://t.co/9ItU1iD7AL http://seclist.us/updates-the-backdoor-factory-bdf-v-3-1-0-patch-pe-elf-mach-o-binaries-with-shellcode.html https://twitter.com/cyb3rops/status/629474097433575424 https://t.co/euIsOJfHmQ https://github.com/urbenlegend/netimpair https://twitter.com/cyb3rops/status/629365946755510280 http://t.co/bcery7trwz http://blog.malwarebytes.org/exploits-2/2015/08/chinese-actors-copy-and-paste-hackingteam-zero-days-in-site-hack/ https://twitter.com/cyb3rops/status/629351184306937856 http://t.co/g9TO48xJkM http://blog.checkpoint.com/2015/08/06/certifigate/ https://twitter.com/cyb3rops/status/629328964155215872 https://t.co/NJWDhrsQNq https://www.nostarch.com/rootkits https://twitter.com/cyb3rops/status/629328074077769728 http://t.co/uuRpmtJxQd http://blog.airbuscybersecurity.com/post/2015/06/Latest-improvements-in-PlugX https://twitter.com/cyb3rops/status/629327976077873152 http://t.co/61RJmtGfjB http://www.seculert.com/blog/2015/08/dga-changer-playing-the-imitation-game-with-sandboxes.html https://twitter.com/cyb3rops/status/629327952896000000 http://t.co/lrvQRI1KGq http://googleprojectzero.blogspot.com/2015/08/one-font-vulnerability-to-rule-them-all.html https://twitter.com/cyb3rops/status/629325242578681856 https://twitter.com/cyb3rops/status/629319228445863936 https://t.co/N4QJHQEPju https://blog.zimperium.com/stagefright-vulnerability-details-stagefright-detector-tool-released/ https://twitter.com/cyb3rops/status/629316658927116288 https://t.co/JKtCXEst8q https://github.com/duydao/Text-Pastry/wiki/Examples https://twitter.com/cyb3rops/status/629193068948946944 https://t.co/fqQSQ3XLof 
https://securelist.com/blog/incidents/71741/the-rush-for-windows-10-infects-pcs-with-spy-trojan/ https://twitter.com/cyb3rops/status/629192525866233857 http://t.co/shSHwx1XUc http://www.net-security.org/secworld.php?id=18720 https://twitter.com/cyb3rops/status/629192430374506496 http://t.co/EhjsIE4sEq http://www.fireeye.com/blog/threat-research/2015/08/ios_masque_attackwe.html https://twitter.com/cyb3rops/status/629192265894916096 https://t.co/2WetJPZQnA https://blog.gdatasoftware.com/blog/article/two-major-it-security-myths-debunked.html https://twitter.com/cyb3rops/status/629191741539753984 https://t.co/gw8i0XOxrN https://www.imperva.com/docs/imperva_Hacker_Intelligence_Initiative_No22_Jul2015_NEW_FINAL.pdf https://twitter.com/cyb3rops/status/629101884977098753 https://twitter.com/cyb3rops/status/629095412016762880 http://t.co/4Vm0VJLBB1 http://www.kitploit.com/2015/08/mpc-msfvenom-payload-creator.html https://twitter.com/cyb3rops/status/629052002094436352 https://t.co/jQXHx2ER7x https://n0where.net/lateral-movement/ https://twitter.com/cyb3rops/status/629016540445327360 http://t.co/uPBOn0cUpN http://t.co/uPBOn0cUpN http://www.secureworks.com/resources/blog/revealing-the-cyber-kraken/ http://www.secureworks.com/resources/blog/revealing-the-cyber-kraken/ https://twitter.com/cyb3rops/status/629014655042756608 http://t.co/BE4xu6UElA http://arstechnica.com/security/2015/08/google-pushes-update-for-critical-android-bug-but-wont-say-if-its-fixed/ https://twitter.com/cyb3rops/status/628976831383891972 http://t.co/Prpz01n8vh http://blog.malwarebytes.org/botnets/2015/08/whos-behind-your-proxy-uncovering-bunitus-secrets/ https://twitter.com/cyb3rops/status/628929404299800576 http://t.co/BSckbry4P3 http://HexEd.it https://twitter.com/cyb3rops/status/628926549950103552 https://twitter.com/cyb3rops/status/628902689347371008 https://t.co/ogWqayoaox https://www.virustotal.com/en/file/78e8dfc723a97c319b6cc5e9d0284b06962913678e5e20e40d0876fe3cf24cd1/analysis/ 
https://twitter.com/cyb3rops/status/628898174980243456 http://t.co/jaVZTx3c50 http://www.openwall.com/lists/oss-security/2015/08/04/8 https://twitter.com/cyb3rops/status/628897698851233793 http://t.co/ckSFPlPgPV http://noxxi.de/research/sophos-utm-webprotection-bypass2.html https://twitter.com/cyb3rops/status/628719607428304896 http://t.co/yCrfpiHEhD http://www.darknet.org.uk/2015/08/fruitywifi-wireless-network-auditing-tool/ https://twitter.com/cyb3rops/status/628713470511464449 https://t.co/oGnUrDvw69 https://github.com/Neo23x0/Loki/blob/master/signatures/apt_terracotta.yar https://twitter.com/cyb3rops/status/628679248803442688 https://twitter.com/cyb3rops/status/628632259281715200 https://t.co/yAMMS9ceGu https://blog.cloudflare.com/a-deep-look-at-cve-2015-5477-and-how-cloudflare-virtual-dns-customers-are-protected/ https://twitter.com/cyb3rops/status/628631641091653632 http://t.co/DNJGjybmXx http://www.kitploit.com/2015/08/blackarch-linux-v20150731-penetration.html https://twitter.com/cyb3rops/status/628581315022032896 http://t.co/Rjnlt1zYUc http://arstechnica.com/security/2015/08/dram-bitflipping-exploit-for-attacking-pcs-just-add-javascript/ https://twitter.com/cyb3rops/status/628568172157870080 http://t.co/FFovwcK6Ub http://blog.checkpoint.com/2015/08/04/wordpress-vulnerabilities-1/ https://twitter.com/cyb3rops/status/628523202034147328 http://t.co/tuqfBfkQ54 http://securityaffairs.co/wordpress/39089/cyber-crime/rig-exploit-kit-3-0.html https://twitter.com/cyb3rops/status/628523085956808704 http://t.co/lCyKbYdt0g http://blog.malwarebytes.org/mac/2015/08/dyld_print_to_file-exploit-found-in-the-wild/ https://twitter.com/cyb3rops/status/628522700957437952 http://t.co/B25mQi8ANB https://t.co/nSlwDdvuIS http://www.net-security.org/malware_news.php?id=3085 https://github.com/sektioneins/SUIDGuard/blob/master/README.md https://twitter.com/cyb3rops/status/628520268504387584 https://t.co/pBMKcuHx53 
https://www.blueliv.com/research/blueliv-discovers-the-alina-variant-joker/ https://twitter.com/cyb3rops/status/628401878548770816 http://t.co/ZGPE9RTXRT http://arstechnica.com/security/2015/08/0-day-bug-in-fully-patched-os-x-comes-under-active-exploit-to-hijack-macs/ https://twitter.com/cyb3rops/status/628325900241735680 https://t.co/f4nlvOsnXE https://twitter.com/EFF/status/628273868474482690 https://twitter.com/cyb3rops/status/628319185777618944 http://t.co/uyvsdrmcTn http://www.forensicfocus.com/News/article/sid=2471/ https://twitter.com/cyb3rops/status/628318700974833664 http://t.co/UCoQRTuVLc http://www.wired.com/2015/08/researchers-create-first-firmware-worm-attacks-macs/ https://twitter.com/cyb3rops/status/628317732082163713 http://t.co/nT9EiU5w2s http://blog.gdssecurity.com/labs/2015/8/3/ssh-weak-diffie-hellman-group-identification-tool.html https://twitter.com/cyb3rops/status/628227038508400640 http://t.co/zFYxdZ63mz http://www.net-security.org/secworld.php?id=18701 https://twitter.com/cyb3rops/status/628216782998925312 http://t.co/GLM0rhodvg http://arstechnica.com/security/2015/08/exploits-start-against-flaw-that-could-hamstring-huge-swaths-of-internet/ https://twitter.com/cyb3rops/status/628210565207490560 http://t.co/daMCNHFGF0 http://www.unicorn-engine.org https://twitter.com/cyb3rops/status/628208125397606400 https://twitter.com/cyb3rops/status/628205874801156096 http://t.co/839OIfJD8G http://securityintelligence.com/memgc-use-after-free-exploit-mitigation-in-edge-and-ie-on-windows-10/ https://twitter.com/cyb3rops/status/628184933375283200 http://t.co/MejzEzaR26 http://www.net-security.org/secworld.php?id=18698 https://twitter.com/cyb3rops/status/628184763837378560 https://t.co/qimang16KC https://asert.arbornetworks.com/automating-intelligence-discovering-recent-plugx-campaigns-programmatically/ https://twitter.com/cyb3rops/status/628039107793522688 https://t.co/pEpiCObIoV https://github.com/robdmc/pandashells/ 
https://twitter.com/cyb3rops/status/628035955442757632 http://t.co/1gAbuBAqw4 http://blog.didierstevens.com/2015/08/03/jump-list-forensics/ https://twitter.com/cyb3rops/status/627948126331117568 http://t.co/Bek7Ab6CvF http://youtu.be/qDvfQ5gZ-Jw https://twitter.com/cyb3rops/status/627947288921526273 https://twitter.com/cyb3rops/status/627946076935442432 https://twitter.com/cyb3rops/status/627857509106216960 https://twitter.com/cyb3rops/status/627856341231497216 http://t.co/melrNY0W7n http://adsecurity.org/?p=1632 https://twitter.com/cyb3rops/status/627800167836741632 https://t.co/o3p172Io87 https://blog.torproject.org/blog/technical-summary-usenix-fingerprinting-paper https://twitter.com/cyb3rops/status/627616090554793984 https://twitter.com/cyb3rops/status/627550592446148608 http://t.co/68I77qniAt http://volatility-labs.blogspot.com/2015/08/recovering-teamviewer-and-other.html https://twitter.com/cyb3rops/status/627550385654341633 http://t.co/d6VxpNTcKF http://holisticinfosec.blogspot.com/2015/08/toolsmith-there-is-no-privacy-hook.html https://twitter.com/cyb3rops/status/627458023708061696 http://t.co/jo9m85vkNW http://www.forbes.com/sites/thomasbrewster/2015/07/31/bitdefender-hacked/ https://twitter.com/cyb3rops/status/627424673249280000 http://t.co/4xkF3xTJqO http://securityaffairs.co/wordpress/39008/cyber-crime/angler-exploit-kit-infect-pos.html https://twitter.com/cyb3rops/status/627293478146301952 https://t.co/UtGcBDcks2 https://community.rapid7.com/community/metasploit/blog/2015/07/31/supporting-a-64-bits-renderer-on-flash-cve-2015-5119 https://twitter.com/cyb3rops/status/627293379156557825 http://t.co/JMMTFmvaK8 http://arstechnica.com/security/2015/07/new-attack-on-tor-can-deanonymize-hidden-services-with-surprising-accuracy/ https://twitter.com/cyb3rops/status/627211812669423616 https://twitter.com/cyb3rops/status/626975161716224000 http://t.co/HUNT6Bj0Nk http://bokken.re/ https://twitter.com/cyb3rops/status/626925001321619456 http://t.co/gpB23fidIH 
http://www.ehacking.net/2015/07/mffa-media-fuzzing-framework-for-android.html https://twitter.com/cyb3rops/status/626924384498925568 http://t.co/soJkpmUSgj http://blog.trendmicro.com/trendlabs-security-intelligence/flash-threats-not-just-in-the-browser/ https://twitter.com/cyb3rops/status/626832715619377152 https://t.co/TyHhUcKklV https://github.com/dbcli/mycli/blob/master/README.md https://twitter.com/cyb3rops/status/626783535412719616 https://t.co/t6oxZL72Gh https://www.fireeye.com/blog/threat-research/2015/07/cve-2015-0097_exploi.html https://twitter.com/cyb3rops/status/626783045941620736 http://t.co/cJjhCLf0jx http://arstechnica.com/security/2015/07/major-flaw-could-let-lone-wolf-hacker-bring-down-huge-swath-of-internet/ https://twitter.com/cyb3rops/status/626774390563319808 https://t.co/3jiudEMLsT https://github.com/eset/malware-ioc/blob/master/potao/PotaoNew.yara https://twitter.com/cyb3rops/status/626721447357116416 http://t.co/KP473W9WvV http://blog.erratasec.com/2015/07/a-quick-review-of-bind9-code.html https://twitter.com/cyb3rops/status/626721299587596288 https://t.co/qKqDibA9qE https://www.blueliv.com/corporate/are-your-ips-infected-check-it-now/ https://twitter.com/cyb3rops/status/626715728729755648 http://t.co/mdVo5HB6oR http://www.welivesecurity.com/2015/07/30/operation-potao-express/ https://twitter.com/cyb3rops/status/626695649346588672 http://t.co/SaTnBtkmpt http://securityblog.gr/2865/control-dns-responses/ https://twitter.com/cyb3rops/status/626645166116442112 http://t.co/tWWP80aZSh http://research.zscaler.com/2015/07/anatomy-of-scamware-network-multiplug.html?m=1 https://twitter.com/cyb3rops/status/626520838314020864 http://t.co/flRBgUgnRI http://www.darknet.org.uk/2015/07/drones-tor-remailers-the-story-of-a-high-tech-kidnapping/ https://twitter.com/cyb3rops/status/626503970731749376 http://t.co/YFxoWDqeqm http://www.bloomberg.com/news/articles/2015-07-29/china-tied-hackers-that-hit-u-s-said-to-breach-united-airlines 
https://twitter.com/cyb3rops/status/626497551064301572 https://t.co/QeWEQw2qOs https://github.com/MozillaSecurity/funfuzz https://twitter.com/cyb3rops/status/626496661192318976 http://t.co/Qch453ebs8 http://www.wired.com/2015/07/hackers-can-disable-sniper-rifleor-change-target/ https://twitter.com/cyb3rops/status/626405864526757894 https://t.co/Safeemwr2N https://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/the-black-vine-cyberespionage-group.pdf https://twitter.com/cyb3rops/status/626144382043951104 https://t.co/D4mt6Aurfv https://community.rapid7.com/community/services/blog/2015/07/28/q-a-from-the-incident-response-investigation-webcast-storming-the-breach-part-1-initial-infection-vector https://twitter.com/cyb3rops/status/626143497825964032 http://t.co/0KdWtSd1Ym http://arstechnica.com/security/2015/07/how-the-way-you-type-can-shatter-anonymity-even-on-tor/ https://twitter.com/cyb3rops/status/626138339004051456 https://t.co/TYve9pdLB3 https://isc.sans.edu/diary.html?storyid=19971&rss https://twitter.com/cyb3rops/status/626084292578443264 http://t.co/MSmFPuzo6i http://www.kitploit.com/2015/07/bwa-owasp-broken-web-applications.html https://twitter.com/cyb3rops/status/626074535037673472 https://t.co/vocTVNYeCR https://isc.sans.edu/diary.html?storyid=19967&rss https://twitter.com/cyb3rops/status/626067613328769024 http://t.co/coNGYeoT7F http://isitapt.com/ https://twitter.com/cyb3rops/status/626065503111540736 https://t.co/YFu5FP1Lff https://ninite.com/ https://twitter.com/cyb3rops/status/626053268137988096 http://t.co/WxUyXIvaeu http://larsenwork.com/monoid/ https://twitter.com/cyb3rops/status/626047929334284288 https://t.co/guY6HoecQf https://github.com/yaronn/blessed-contrib https://twitter.com/cyb3rops/status/626047351724097536 http://t.co/MxYc59pBqP http://www.net-security.org/secworld.php?id=18675 https://twitter.com/cyb3rops/status/626047235235684352 http://t.co/wa0If5pArf 
http://arstechnica.com/security/2015/07/group-that-hacked-anthem-shared-weaponized-0-days-with-rival-attackers/ https://twitter.com/cyb3rops/status/626042680620007424 https://t.co/1QPQSmJqGt https://www.twilio.com/blog/2015/07/how-to-protect-your-android-device-from-stagefright-exploit.html https://twitter.com/cyb3rops/status/626038767753760769 http://t.co/O62mkbkk7a http://blog.portswigger.net/2015/07/noscript-xss-filter-bypass.html?m=1 https://twitter.com/cyb3rops/status/626019544415490052 http://t.co/VgeCetqOyz http://blog.infobytesec.com/2015/07/cross-distribution-exploit-testing.html?m=1 https://twitter.com/cyb3rops/status/625775874131001344 http://t.co/SZWhaJJHGX http://researchcenter.paloaltonetworks.com/2015/07/ups-observations-on-cve-2015-3113-prior-zero-days-and-the-pirpi-payload/ https://twitter.com/cyb3rops/status/625744829784412164 http://t.co/wIRyYazlVG http://mail.delicious.com/ https://twitter.com/cyb3rops/status/625741552594329600 https://t.co/wSwh3v1Efm https://www.mockaroo.com/?ref=producthunt https://twitter.com/cyb3rops/status/625740974652825600 https://t.co/eGGJ63Mf2F https://github.com/warner/magic-wormhole/blob/master/README.md https://twitter.com/cyb3rops/status/625696535062441984 https://t.co/CoQXyV8fh3 https://github.com/PlagueScanner/PlagueScanner/blob/master/README.md https://twitter.com/cyb3rops/status/625670079653519360 http://t.co/67aakYI0AQ http://t.co/4P1VNHxjMK http://ForensicFocus.com http://m.forensicfocus.com/?url=http%3A%2F%2Fwww.forensicfocus.com%2FNews%2Farticle%2Fsid%3D2467%2F&utm_referrer=http%3A%2F%2Ffeedly.com%2Findex.html#2700 https://twitter.com/cyb3rops/status/625636427703930880 http://t.co/cd50sy42Ca http://arstechnica.com/security/2015/07/advanced-spyware-for-android-now-available-to-script-kiddies-everywhere/ https://twitter.com/cyb3rops/status/625619926296981504 http://t.co/YQyie0pA1A http://blog.jpcert.or.jp/2015/07/poisonivy-adapts-to-communicate-through-authentication-proxies.html 
https://twitter.com/cyb3rops/status/625601477961236480 http://t.co/ZvsNwPV4jb http://www.malwaretech.com/2015/07/darkode-returns-following-international.html https://twitter.com/cyb3rops/status/625232659497779200 https://t.co/gpvBponDDC https://github.com/kevthehermit/RATDecoders https://twitter.com/cyb3rops/status/625035021687123968 https://t.co/lWLK9Ds5R7 https://cymon.io/ https://twitter.com/cyb3rops/status/625014040109142016 https://twitter.com/cyb3rops/status/624987577184059392 http://t.co/Itp7aFSHM2 http://www.kitploit.com/2015/07/ivre-python-network-recon-framework.html https://twitter.com/cyb3rops/status/624935559937527808 https://twitter.com/cyb3rops/status/624900990660157440 https://twitter.com/cyb3rops/status/624893050884632576 https://t.co/8n7pax35rv https://govolution.wordpress.com/2015/07/14/a-basic-keylogger-for-windows https://twitter.com/cyb3rops/status/624886305491652608 https://t.co/ZfJ1I9adGW https://twitter.com/DanielX4v3r/status/624721362893053952 https://twitter.com/cyb3rops/status/624852433978675200 https://t.co/BkpgLa3qWk https://www.hybrid-analysis.com/sample/fe71a64ac5d24117440e75743203660ec01a417fb8c309f733227b9dcaa11ed0?environmentId=2 https://twitter.com/cyb3rops/status/624849762651607040 https://twitter.com/cyb3rops/status/624846108792070144 http://t.co/fdcisKM03Z http://analysis.com/sample/fe71a64ac5d24117440e75743203660ec01a417fb8c309f733227b9dcaa11ed0?environmentId=2 https://twitter.com/cyb3rops/status/624823015562420224 http://t.co/T5hdRoZYP5 http://www.kahusecurity.com/2015/webshell-with-booby-trap/ https://twitter.com/cyb3rops/status/624657230848229377 http://t.co/nuswPNExRb http://securityblog.gr/2858/parsing-json-in-c/ https://twitter.com/cyb3rops/status/624655552421982208 https://twitter.com/cyb3rops/status/624627424064630787 https://t.co/XtIXOIBM69 https://n0where.net/windows-powershell-llmnrnbns-spoofer-inveigh/ https://twitter.com/cyb3rops/status/624584670508883968 https://t.co/op7x4bEV3S 
https://www.trustedsec.com/july-2015/malicious-htas/ https://twitter.com/cyb3rops/status/624568140727500800 https://t.co/N2amBs3g8z https://msdn.microsoft.com/en-us/library/cc704588.aspx https://twitter.com/cyb3rops/status/624531759628206080 https://t.co/V2KhHwo0ZZ https://www.endgame.com/blog/examining-malware-python https://twitter.com/cyb3rops/status/624518324970516480 https://t.co/smZF4krWOz https://bitbucket.org/Ft44k/yavol/ https://twitter.com/cyb3rops/status/624481575384780800 https://twitter.com/cyb3rops/status/624471409666998272 http://t.co/35BgGecwSl http://www.procdot.com/index.htm https://twitter.com/cyb3rops/status/624466451571810304 http://t.co/cIllJhfn2g http://blog.lifars.com/2015/05/27/jawfish-a-self-modifying-pentest-tool/ https://twitter.com/cyb3rops/status/624344501239312384 https://t.co/9E4jqfbRjL https://github.com/dbcli/pgcli/blob/master/README.rst https://twitter.com/cyb3rops/status/624327399753191427 https://t.co/aHGAoDcyWU https://www.trustedsec.com/july-2015/the-social-engineer-toolkit-set-v6-5-mr-robot-released/ https://twitter.com/cyb3rops/status/624327329750192128 http://t.co/Urq8umEueQ http://www.kitploit.com/2015/07/passgen-random-character-generator.html https://twitter.com/cyb3rops/status/624327281557639168 http://t.co/Z4SWGcFjeC http://seclists.org/fulldisclosure/2015/Jul/110 https://twitter.com/cyb3rops/status/624271355459076096 http://t.co/z0W1QE0PSQ http://arstechnica.com/security/2015/07/fully-patched-internet-explorer-menaced-by-a-whopping-4-code-execution-bugs/ https://twitter.com/cyb3rops/status/624231218213711872 http://t.co/wkO5t0lKzy http://www.kitploit.com/2015/07/lynis-211-security-auditing-tool-for.html https://twitter.com/cyb3rops/status/624195351734538240 http://t.co/6oOuYjgAr6 http://pwc.blogs.com/cyber_security_updates/2015/07/pirpi-scanbox.html https://twitter.com/cyb3rops/status/624195109022789632 https://t.co/sW29kLwAT8 https://securelist.com/blog/71582/zero-day-exploits-now-available-for-cars/ 
https://twitter.com/cyb3rops/status/624143141973721088 http://t.co/Bz7ecX3smf http://securityintelligence.com/an-analysis-of-the-qadars-trojan/ https://twitter.com/cyb3rops/status/624105174576033792 https://t.co/P7UfrhC9R9 https://github.com/Neo23x0/Loki/blob/master/signatures/apt_cloudduke.yar https://twitter.com/cyb3rops/status/624098773606756352 http://t.co/wbDPeXA1W3 http://arstechnica.com/security/2015/07/bug-in-latest-version-of-os-x-gives-attackers-unfettered-root-privileges/ https://twitter.com/cyb3rops/status/624098653247012864 http://t.co/gGBXjoOKLw http://arstechnica.com/security/2015/07/hacking-team-may-not-have-had-a-backdoor-but-it-could-kill-client-installs/ https://twitter.com/cyb3rops/status/624098403669123072 http://t.co/xhvYhVsehy http://www.malwaretech.com/2015/07/windows-10-system-call-stub-changes.html https://twitter.com/cyb3rops/status/623913261499551744 http://t.co/z92juW9D7N http://blog.ctf365.com/infographic-your-pentest-tools-arsenal/ https://twitter.com/cyb3rops/status/623909415012421633 https://twitter.com/cyb3rops/status/623891924936732672 http://t.co/Pgccp51Z1E http://blog.malwarebytes.org/development/2015/07/introduction-to-alternate-data-streams/ https://twitter.com/cyb3rops/status/623878852432011264 https://t.co/1oyyG7oa7z https://www.f-secure.com/weblog/archives/00002822.html https://twitter.com/cyb3rops/status/623787054162419712 http://t.co/w2AvvUvmTt https://t.co/IGFfKjXjYl http://www.isightpartners.com/2015/07/microsoft-office-zero-day-cve-2015-2424-leveraged-by-tsar-team/ https://www.hybrid-analysis.com/sample/d93f22d46090bfc19ef51963a781eeb864390c66d9347e86e03bba25a1fc29c5/?environmentId=1 https://twitter.com/cyb3rops/status/623727434366627840 https://t.co/D7S25fLBdW https://n0where.net/damn-vulnerable-ios-app-dvia/ https://twitter.com/cyb3rops/status/623710615471792128 https://t.co/dCaJx81kim https://n0where.net/tunneling-cc-over-dns-dnscat2/ https://twitter.com/cyb3rops/status/623620042572341248 https://t.co/17QDQRYezb 
https://github.com/facebook/wdt https://twitter.com/cyb3rops/status/623616622989811712 http://t.co/WAn6KQUZv5 http://pastebin.com/hKfL8CLs https://twitter.com/cyb3rops/status/623600766348066816 http://t.co/1783fNPwAV http://arstechnica.com/security/2015/07/researcher-takes-umbrage-after-finding-his-code-in-hacking-team-malware/ https://twitter.com/cyb3rops/status/623586461858811905 http://t.co/iTYOWzwpN1 http://blog.checkpoint.com/2015/07/21/one-click-office-exploit-introducing-the-office-exploit-builder/ https://twitter.com/cyb3rops/status/623585874996015104 http://t.co/PPEPl9seEo http://malware.dontneedcoffee.com/2015/07/cve-2015-1671.html https://twitter.com/cyb3rops/status/623576528388009984 https://t.co/VvwgWFAHzK https://github.com/Neo23x0/Loki/blob/master/signatures/exploit_cve_2015_2426.yar https://twitter.com/cyb3rops/status/623561248932802560 https://t.co/y1lRAlIYAK https://n0where.net/nosql-honeypot-framework-nopo/ https://twitter.com/cyb3rops/status/623538859977101312 http://t.co/Fi8Dz1Lc43 http://blog.checkpoint.com/2015/07/21/swiftkey-leaves-samsung-devices-susceptible-to-cybercrime/ https://twitter.com/cyb3rops/status/623529590158442496 https://t.co/fMrISX2hny https://www.fireeye.com/blog/threat-research/2015/07/an_inside_look_into.html https://twitter.com/cyb3rops/status/623524165346324480 https://twitter.com/cyb3rops/status/623459779067924480 https://t.co/oVfyiARH2A https://github.com/yaronn/wopr/blob/master/README.md https://twitter.com/cyb3rops/status/623459110554587136 https://t.co/GG482IaaEg https://isc.sans.edu/diary.html?storyid=19945&rss https://twitter.com/cyb3rops/status/623404796188454912 https://t.co/3AF3SzuBLg https://t.co/l06UA85cOh https://www.securusglobal.com/community/2013/12/20/dumping-windows-credentials/ https://github.com/gentilkiwi/mimikatz/wiki/module-~-sekurlsa#minidump https://twitter.com/cyb3rops/status/623364845535145984 http://t.co/f7vsBvsEGh 
http://blog.trendmicro.com/trendlabs-security-intelligence/hacking-team-leak-uncovers-another-windows-zero-day-ms-releases-patch/ https://twitter.com/cyb3rops/status/623245418948915200 https://t.co/Af9YyEtX7M https://www.free-decompiler.com/flash/ https://twitter.com/cyb3rops/status/623225241934934016 https://twitter.com/cyb3rops/status/623220447459606529 http://t.co/MGPpYF9Mba http://arstechnica.com/security/2015/07/italian-prosecutors-investigate-former-hacking-team-employees-for-role-in-hack/ https://twitter.com/cyb3rops/status/623220227329925120 http://t.co/L10hck7g0r http://researchcenter.paloaltonetworks.com/2015/07/watering-hole-attack-on-aerospace-firm-exploits-cve-2015-5122-to-install-isspace-backdoor/ https://twitter.com/cyb3rops/status/623219903672287233 http://t.co/n8aAAHNTV6 http://www.darknet.org.uk/2015/07/dharma-generation-based-context-free-grammar-fuzzing-tool/ https://twitter.com/cyb3rops/status/623196146459127812 https://t.co/ph2r7tNK0l https://twitter.com/Cyb3rOps/status/623176646300934144 https://twitter.com/cyb3rops/status/623178731625021440 http://t.co/kh4O4L6KcQ http://www.ehacking.net/2015/07/sentry-bruteforce-attack-blocker.html https://twitter.com/cyb3rops/status/623176646300934144 https://t.co/38U5kHIC59 https://technet.microsoft.com/en-us/library/security/MS15-078 https://twitter.com/cyb3rops/status/623147476426620928 http://t.co/mUFjgHxeLS http://fishshell.com/ https://twitter.com/cyb3rops/status/623125021175742464 https://t.co/ublPdwdSsS https://github.com/Neo23x0/Loki/blob/master/signatures/apt_minidionis.yar https://twitter.com/cyb3rops/status/623076906192216065 https://t.co/PJWhMDR1yJ https://github.com/zombodb/zombodb/blob/master/README.md https://twitter.com/cyb3rops/status/623071257425260544 https://t.co/Q687Elm5Cu https://github.com/rshipp/awesome-malware-analysis https://twitter.com/cyb3rops/status/622709210615291904 https://t.co/N936DXyfuH https://isc.sans.edu/diary/Autoruns+and+VirusTotal/19933 
https://twitter.com/cyb3rops/status/622506106972184576 https://twitter.com/cyb3rops/status/622401662569848833 https://t.co/mV3zh2M4SB https://www.bsk-consulting.de/apt-scanner-thor/ https://twitter.com/cyb3rops/status/622352491708051457 http://t.co/0H8EMpEgI9 http://www.forensicfocus.com/News/article/sid=2463/ https://twitter.com/cyb3rops/status/622289568314863616 http://t.co/hvd4gSywZT http://seclists.org/fulldisclosure/2015/Jul/92 https://twitter.com/cyb3rops/status/622289250638237698 https://t.co/V8lKYw4AGb https://raw.githubusercontent.com/OWASP/ASVS/master/OWASP%20Application%20Security%20Verification%20Standard%203.0.docx https://twitter.com/cyb3rops/status/622288679185313792 https://t.co/cSlI5v2aQi https://m.youtube.com/watch?v=rNdLm1O5uoY https://twitter.com/cyb3rops/status/622287901632688128 https://t.co/0Y895L7mmk https://github.com/evilsocket/bettercap/blob/master/README.md https://twitter.com/cyb3rops/status/622117436016492544 https://t.co/2gWIN7dJ6r https://github.com/psecio/iniscan https://twitter.com/cyb3rops/status/622052954573545474 http://t.co/GLBfHVrJJp http://blog.trendmicro.com/trendlabs-security-intelligence/analyzing-the-pawn-storm-java-zero-day-old-techniques-reused/ https://twitter.com/cyb3rops/status/622052910298460160 http://t.co/od7p3vt1l0 http://blog.hackersonlineclub.com/2015/07/snitch-tool-for-information-gathering.html https://twitter.com/cyb3rops/status/622040894020190210 http://t.co/GxkbF6VrM3 http://securityintelligence.com/what-surfaces-from-the-deep-dark-web/ https://twitter.com/cyb3rops/status/621984219858882561 https://t.co/yLnCmhNom7 https://isc.sans.edu/diary.html?storyid=19931&rss https://twitter.com/cyb3rops/status/621941430928412672 http://t.co/tG7CY0I6g6 http://blog.hackersonlineclub.com/2015/07/passgen-to-cracking-wpawpa2-keys.html https://twitter.com/cyb3rops/status/621938451416510464 http://t.co/7vmzTY56Qs 
http://arstechnica.com/information-technology/2015/07/windows-10-updates-to-be-automatic-and-mandatory-for-home-users/ https://twitter.com/cyb3rops/status/621938379802943488 http://t.co/dnoWxjQFRv http://dfstream.blogspot.com/2015/07/adobe-readers-not-so-crecentfiles.html https://twitter.com/cyb3rops/status/621769639220129792 https://twitter.com/cyb3rops/status/621762492537171969 http://t.co/bZMc0a9ASC http://blog.trendmicro.com/trendlabs-security-intelligence/fake-news-app-in-hacking-team-dump-designed-to-bypass-google-play/ https://twitter.com/cyb3rops/status/621724566067507200 https://t.co/xRMSIx5aMG https://community.rapid7.com/community/metasploit/blog/2015/07/16/the-new-metasploit-browser-autopwn-strikes-faster-and-smarter--part-2 https://twitter.com/cyb3rops/status/621707819742568448 https://t.co/hMMb9YY9rr https://twitter.com/Cyb3rOps/status/621698143147696128 https://twitter.com/cyb3rops/status/621698916082393089 http://t.co/w2AvvUvmTt http://www.isightpartners.com/2015/07/microsoft-office-zero-day-cve-2015-2424-leveraged-by-tsar-team/ https://twitter.com/cyb3rops/status/621698691229949952 http://t.co/zNOIYKfJjm http://blog.trendmicro.com/trendlabs-security-intelligence/new-gamapos-threat-spreads-in-the-us-via-andromeda-botnet/ https://twitter.com/cyb3rops/status/621698143147696128 http://t.co/Xluc7Ferqt http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Adobe-s-CVE-2015-5090-Updating-the-Updater-to-become-the-bossman/ba-p/6765412 https://twitter.com/cyb3rops/status/621647179199979520 http://t.co/MsCLoGy62E http://grabify.link/ https://twitter.com/cyb3rops/status/621626756760477696 http://t.co/xrHN1qxucI http://blog.trendmicro.com/trendlabs-security-intelligence/openssl-cve-2015-1793-separating-fact-from-hype/ https://twitter.com/cyb3rops/status/621626723503874048 https://t.co/vXTTIFrOeN https://securelist.com/blog/research/71443/minidionis-one-more-apt-with-a-usage-of-cloud-drives/ https://twitter.com/cyb3rops/status/621607047994454016 
http://t.co/BUWeZCSckf http://securityblog.gr/2841/reversing-with-dumpbin/ https://twitter.com/cyb3rops/status/621589201885241344 https://t.co/IegdcMYHhc https://github.com/idanr1986/cuckoo-droid https://twitter.com/cyb3rops/status/621564609472929792 https://twitter.com/cyb3rops/status/621564162737577984 http://t.co/o26jNQvaZA http://arstechnica.com/security/2015/07/once-theoretical-crypto-attack-against-https-now-verges-on-practicality/ https://twitter.com/cyb3rops/status/621564093263138816 http://t.co/wpsgaAQ074 http://adsecurity.org/?p=1588 https://twitter.com/cyb3rops/status/621563869010526208 http://t.co/fd3eg84xL1 http://blog.malwaremustdie.org/2015/07/mmd-0037-2015-bad-shellshock.html https://twitter.com/cyb3rops/status/621401969371021313 http://t.co/CrOvhKlcu1 http://arstechnica.com/tech-policy/2015/07/criminal-hacking-bazaar-darkode-is-dismantled-and-70-members-are-busted/ https://twitter.com/cyb3rops/status/621400139828211712 https://t.co/1iwZmtLhmM https://github.com/Rurik/Noriben https://twitter.com/cyb3rops/status/621348699063603200 https://t.co/jQkmVAB4cX https://community.rapid7.com/community/metasploit/blog/2015/07/15/the-new-metasploit-browser-autopwn-strikes-faster-and-smarter--part-1 https://twitter.com/cyb3rops/status/621334937757745152 http://t.co/3KNSE5lmWr http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html https://twitter.com/cyb3rops/status/621329530196787200 http://t.co/Y45HulTklN http://securityaffairs.co/wordpress/38601/cyber-crime/fbi-hacking-team-tor.html https://twitter.com/cyb3rops/status/621329255377596417 https://t.co/56IUPgjbfL https://blog.malwarebytes.org/news/2015/07/introducing-malwarebytes-anti-malware-for-mac/ https://twitter.com/cyb3rops/status/621275059328520192 https://t.co/xTmPdBoKxm https://securelist.com/blog/research/71371/teslacrypt-2-0-disguised-as-cryptowall/ https://twitter.com/cyb3rops/status/621257423056203777 http://t.co/AijWdXiZZT http://www.net-security.org/secworld.php?id=18629 
https://twitter.com/cyb3rops/status/621245761351720960 https://t.co/6EYhnF1DK3 https://github.com/guelfoweb/peframe https://twitter.com/cyb3rops/status/621237063443193856 https://t.co/jpmUfjrVTG https://github.com/tomchop/malcom https://twitter.com/cyb3rops/status/621235806485803008 http://t.co/XamYesc2Oe http://blog.trendmicro.com/trendlabs-security-intelligence/hideouts-for-lease-the-silent-role-of-bulletproof-hosting-services-in-cybercriminal-operations/ https://twitter.com/cyb3rops/status/621216379761467392 http://t.co/IcXDHNCvHM http://www.welivesecurity.com/2015/07/15/spoofed-urls-homograph-attacks-revisited/ https://twitter.com/cyb3rops/status/621196681909018624 https://t.co/cYNjSOyhZg https://heimdalsecurity.com/blog/the-never-ending-zero-day-microsoft-shuts-down-antimalware-support-for-windows-xp-users/ https://twitter.com/cyb3rops/status/621188378323755008 https://t.co/06S5j4k43U https://www.trustedsec.com/july-2015/magic-unicorn-v2-0-released/ https://twitter.com/cyb3rops/status/621188273168347136 http://t.co/pTJFkldN1O http://blog.trendmicro.com/trendlabs-security-intelligence/an-in-depth-look-at-how-pawn-storms-java-zero-day-was-used/ https://twitter.com/cyb3rops/status/621076298857844736 http://t.co/B5EN05iLi6 http://researchcenter.paloaltonetworks.com/2015/07/tracking-minidionis-cozycars-new-ride-is-related-to-seaduke/ https://twitter.com/cyb3rops/status/621052964602540032 http://t.co/PrvLvO3mhA http://securityintelligence.com/dyre-malware-takes-summer-holiday-in-spain/ https://twitter.com/cyb3rops/status/621052738336649216 http://t.co/7IB1b73eoW http://n0where.net/python-network-recon-framework-ivre/ https://twitter.com/cyb3rops/status/621052583625510912 http://t.co/DXxI79fKQp http://blog.erratasec.com/2015/07/how-to-build-your-own-proxyham.html https://twitter.com/cyb3rops/status/621014128900091905 http://t.co/0XLsZMrmwp http://researchcenter.paloaltonetworks.com/2015/07/unit-42-technical-analysis-seaduke/ 
https://twitter.com/cyb3rops/status/621014014072590336 http://t.co/MJeGpMll4D http://www.net-security.org/secworld.php?id=18627 https://twitter.com/cyb3rops/status/621013940814893056 http://t.co/2V6mRIhKFz http://blog.trendmicro.com/trendlabs-security-intelligence/gifts-from-hacking-team-continue-ie-zero-day-added-to-mix/ https://twitter.com/cyb3rops/status/620949929679302656 http://t.co/Mp7XdFPq2f http://www.welivesecurity.com/2015/07/14/operation-liberpy-keyloggers-information-theft-latin-america/ https://twitter.com/cyb3rops/status/620894234527334400 http://t.co/mFbE7gZAnW http://www.forensicfocus.com/News/article/sid=2457/ https://twitter.com/cyb3rops/status/620893855269945344 https://t.co/Wq9rqYX36k https://asert.arbornetworks.com/flu-season-starting-early-the-h1n1-loader/ https://twitter.com/cyb3rops/status/620705206137921536 http://t.co/Ka5Kr1yq8W http://blog.trendmicro.com/trendlabs-security-intelligence/hacking-team-uses-uefi-bios-rootkit-to-keep-rcs-9-agent-in-target-systems/ https://twitter.com/cyb3rops/status/620705151570063360 http://t.co/qH6j8iHl7r http://blog.malwarebytes.org/intelligence/2015/07/revisiting-the-bunitu-trojan/ https://twitter.com/cyb3rops/status/620704438827749377 http://t.co/OnuGPP3t34 http://www.darknet.org.uk/2015/07/egress-assess-test-network-egress-data-detection/ https://twitter.com/cyb3rops/status/620649691995336705 http://t.co/RGnyRyyWVD http://seclists.org/fulldisclosure/2015/Jul/61 https://twitter.com/cyb3rops/status/620649290403311616 http://t.co/b60kpNtVsh http://www.fireeye.com/blog/threat-research/2015/07/demonstrating_hustle.html https://twitter.com/cyb3rops/status/620630606611914752 http://t.co/WfrP2dB46N http://www.virusbtn.com/blog/2015/07_13.xml?rss https://twitter.com/cyb3rops/status/620625690380115969 http://t.co/dpsPw2NmwG http://sshkeybox.com/?ref=producthunt https://twitter.com/cyb3rops/status/620507836058083328 https://t.co/VVqnGnteb3 https://t.co/7HCWyw9YvU https://github.com/Neo23x0/Loki 
https://github.com/Neo23x0/Loki/blob/master/signatures/thor_inverse_matches.yar https://twitter.com/cyb3rops/status/620506205358833664 https://t.co/LK5J0R7Omx https://t.co/QwwYW9afyB https://t.co/jkMueQIjpM https://www.bsk-consulting.de/2015/03/10/apt-detection-is-about-metadata/ https://www.bsk-consulting.de/2014/05/27/inverse-yara-signature-matching/ https://www.bsk-consulting.de/2014/08/28/scan-system-files-manipulations-yara-inverse-matching-22/ https://twitter.com/cyb3rops/status/620460722460491776 http://t.co/gSKPv6oOGo http://arstechnica.com/security/2015/07/hacking-team-orchestrated-brazen-bgp-hack-to-hijack-ips-it-didnt-own/ https://twitter.com/cyb3rops/status/620460629871185921 http://t.co/txBdgu5Dwt http://blog.handlerdiaries.com/?p=901 https://twitter.com/cyb3rops/status/620310758971338752 https://t.co/oJtahnksHv https://cyberarms.wordpress.com/2015/07/12/anti-virus-bypass-with-shellter-4-0-on-kali-linux/ https://twitter.com/cyb3rops/status/620302571937366016 https://twitter.com/cyb3rops/status/620222659645804544 https://t.co/dnCvmMzgb3 https://github.com/lukasschwab/stackit/blob/master/README.md https://twitter.com/cyb3rops/status/620182596560011266 http://t.co/m0wjD8CnND http://blog.hackersonlineclub.com/2015/07/breaking-isro-commercial-arm-antrix.html https://twitter.com/cyb3rops/status/620107084877701123 https://t.co/L0F0qgCoel https://github.com/hugows/hf/blob/master/README.md https://twitter.com/cyb3rops/status/620105493655195648 http://t.co/CT2zL39ctz http://www.nationalguard.mil/News/ArticleView/tabid/5563/Article/607769/army-national-guard-announces-data-breach-establishes-call-center.aspx https://twitter.com/cyb3rops/status/619948367225966592 https://t.co/Z1nALBw9dr https://transfer.sh https://twitter.com/cyb3rops/status/619938862350139392 https://t.co/4K450S0wjp https://github.com/kilianc/rtail/blob/develop/README.md https://twitter.com/cyb3rops/status/619908796605964288 http://t.co/g22qA7OlDD 
http://malware.dontneedcoffee.com/2015/07/cve-2015-5122-hackingteam-0d-two-flash.html https://twitter.com/cyb3rops/status/619764518550401024 http://t.co/E68koGLKB1 http://blog.bofh.it/id_456 https://twitter.com/cyb3rops/status/619763622395428864 http://t.co/NtZQ5Nab8c http://www.fireeye.com/blog/threat-research/2015/07/cve-2015-5122_-_seco.html https://twitter.com/cyb3rops/status/619658059082792960 https://twitter.com/cyb3rops/status/619616009092243457 http://t.co/3YJBbP41ON http://www.darknet.org.uk/2015/07/passgen-random-character-generator-wpawpa2-key-cracking/ https://twitter.com/cyb3rops/status/619577483810209792 http://t.co/Li2RRai2HR http://blog.checkpoint.com/2015/07/10/adware-or-apt-snappea-downloader-an-android-malware-that-implements-12-different-exploits/ https://twitter.com/cyb3rops/status/619577400645578752 http://t.co/KXBZ4NyLFX http://researchcenter.paloaltonetworks.com/2015/07/apt-group-ups-targets-us-government-with-hacking-team-flash-exploit/ https://twitter.com/cyb3rops/status/619550545452339200 https://t.co/l8CaB16TX1 https://community.rapid7.com/community/metasploit/blog/2015/07/10/msfcli-is-no-longer-available-in-metasploit https://twitter.com/cyb3rops/status/619550100445089792 http://t.co/QeqXL5ba8e http://blog.malwarebytes.org/malvertising-2/2015/07/directrev-malvertising-uses-self-sufficient-flash-0day/ https://twitter.com/cyb3rops/status/619522910932336642 http://t.co/hCDcIEaoqd http://securityaffairs.co/wordpress/38493/cyber-crime/kofer-ransomware-campaign.html https://twitter.com/cyb3rops/status/619490568272539649 https://t.co/toPZH3B0hu https://github.com/kennethreitz/requests https://twitter.com/cyb3rops/status/619489618321387521 https://t.co/lk4UfV5yUa https://github.com/giMini/RWMC https://twitter.com/cyb3rops/status/619488758388424704 https://t.co/Yv4SZXnjHu https://github.com/chjj/ttystudio https://twitter.com/cyb3rops/status/619487027390754816 https://twitter.com/cyb3rops/status/619438294796009472 https://t.co/XmXtMugN1l 
https://github.com/Neo23x0/Loki/blob/master/signatures/apt_wildneutron.yar https://twitter.com/cyb3rops/status/619393245290885120 http://t.co/SSxb5e3WPg http://nullsecure.org/building-your-own-passivedns-feed/ https://twitter.com/cyb3rops/status/619391643473551360 http://t.co/nGCBcYrKVR http://www.reddit.com/r/Malware/comments/3cqevn/tron_v639_20150709_adobe_flash_update_subtool/ https://twitter.com/cyb3rops/status/619225711602204672 http://t.co/Utrj5pVlr7 http://n0where.net/kali-linux-2-0/ https://twitter.com/cyb3rops/status/619197713834504192 https://twitter.com/cyb3rops/status/619197156071723009 https://twitter.com/cyb3rops/status/619167875417423872 https://twitter.com/cyb3rops/status/619145329766735872 https://twitter.com/cyb3rops/status/619125441660624896 https://twitter.com/cyb3rops/status/619054361172398080 http://t.co/Wo6Jxp0JY6 http://www.independent.co.uk/life-style/gadgets-and-tech/news/nyse-hacked-anonymous-warned-of-trouble-on-wall-street-hours-before-new-york-stock-exchange-computers-taken-offline-10376104.html https://twitter.com/cyb3rops/status/619032715363532800 https://t.co/vHfvdKPak6 https://code.google.com/p/google-security-research/issues/detail?id=325 https://twitter.com/cyb3rops/status/618856683532648448 http://t.co/Y7wghJJYaw http://blogs.cisco.com/security/talos/darkkomet-rat-spam https://twitter.com/cyb3rops/status/618841152507277312 http://t.co/GkbMTnrNCb http://blog.trendmicro.com/trendlabs-security-intelligence/hacking-team-flash-zero-day-tied-to-attacks-in-korea-and-japan-on-july-1/ https://twitter.com/cyb3rops/status/618840460140875776 https://t.co/fcIDVRUnMp https://thejh.net/written-stuff/openssh-6.8-xsecurity https://twitter.com/cyb3rops/status/618839946414157825 https://t.co/LG8oagitso https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2015/july/exploiting-the-win32kxxxenablewndsbarrows-use-after-free-cve-2015-0057-bug-on-both-32-bit-and-64-bit-tldr/ https://twitter.com/cyb3rops/status/618799246058328064 
https://t.co/kpV6hDcWJj https://securelist.com/blog/research/71275/wild-neutron-economic-espionage-threat-actor-returns-with-new-tricks/ https://twitter.com/cyb3rops/status/618772443709206530 http://t.co/3OPVMRt5yV http://payload-security.blogspot.com/2015/07/walking-through-report-of-win32rioselxb.html https://twitter.com/cyb3rops/status/618772258098683904 http://t.co/EcvnCNxuvc http://www.fireeye.com/blog/threat-research/2015/07/dyre_banking_trojan.html https://twitter.com/cyb3rops/status/618772071787704320 http://t.co/hnnNZugogQ http://resources.infosecinstitute.com/animal-farm-apt-and-the-shadow-of-france-intelligence/ https://twitter.com/cyb3rops/status/618659286382739456 https://t.co/mDitRzkeqI https://github.com/citronneur/node-rdpjs/blob/master/README.md https://twitter.com/cyb3rops/status/618658797683384320 https://t.co/BfpIB7uFJT https://blogs.mcafee.com/mcafee-labs/threat-actors-use-encrypted-office-binary-format-evade-detection https://twitter.com/cyb3rops/status/618555120700248064 http://t.co/cQ44gBhU2n http://newsoffice.mit.edu/2015/csail-report-government-access-data-major-security-risks-0707 https://twitter.com/cyb3rops/status/618554392145461248 http://t.co/jHewlj6Bq7 http://blog.malwarebytes.org/exploits-2/2015/07/neutrino-ek-leverages-latest-flash-0day/ https://twitter.com/cyb3rops/status/618488784850714624 https://t.co/4YvN9JZIr0 https://t.co/vKLldDpV9e https://malwr.com/analysis/YzRiMWQwM2JlYThkNGNlZjg0NGQ0MzQ3NTNkNjc5NjM/ https://malwr.com/analysis/ODNhYjNkZTMxMWUwNGJiMGExNDNmMDlkNTc1YjEyYzk/ https://twitter.com/cyb3rops/status/618465007844593664 https://t.co/iJYPfTsEki https://t.co/oqJwbLfV7O https://t.co/CzdSkmtQZO https://www.virustotal.com/en/file/93555102b4c121b996d1ee5c88dcf9b34231406a6b784e049bcd8bb134eebc11/analysis/ https://www.virustotal.com/en/file/92aec56a859679917dffa44bd4ffeb5a8b2ee2894c689abbbcbe07842ec56b8d/analysis/ https://www.virustotal.com/en/file/40a10420b9d49f87527bc0396b19ec29e55e9109e80b52456891243791671c1c/analysis/ 
https://twitter.com/cyb3rops/status/618455854908616704 http://t.co/iXmISGBWWB http://blog.checkpoint.com/2015/07/07/who-really-controls-your-online-store/ https://twitter.com/cyb3rops/status/618455460073619456 http://t.co/it5tJ0nlJ3 http://blog.malwarebytes.org/exploits-2/2015/07/hacking-team-leak-exposes-new-flash-zero-day/ https://twitter.com/cyb3rops/status/618419927209353216 https://t.co/G015bYuNKf https://community.rapid7.com/community/userinsight/blog/2015/07/07/low-and-slow-attackers-easily-hide-from-time-blind-alerts https://twitter.com/cyb3rops/status/618419432679972864 http://t.co/FuRouTId2G http://researchcenter.paloaltonetworks.com/2015/07/new-android-malware-family-evades-antivirus-detection-by-using-popular-ad-libraries/ https://twitter.com/cyb3rops/status/618419253239259136 http://t.co/hbQHauvAKl http://resources.infosecinstitute.com/http2-faster-and-safer-web-enforcing-strong-encryption-as-the-de-facto-standard/ https://twitter.com/cyb3rops/status/618380993704148992 https://t.co/xXbX38rlNz https://github.com/informationextraction/core-android-native/blob/master/README.txt https://twitter.com/cyb3rops/status/618380248476991488 http://t.co/MVdWJfFeKe http://securityaffairs.co/wordpress/38390/cyber-crime/hacking-team-hack-part-2.html https://twitter.com/cyb3rops/status/618380173638008832 http://t.co/x90lhzfrFC http://blog.trendmicro.com/trendlabs-security-intelligence/unpatched-flash-player-flaws-more-pocs-found-in-hacking-team-leak/ https://twitter.com/cyb3rops/status/618368366328348672 http://t.co/9MTbycZPIh http://ift.tt/1Maqu8z https://twitter.com/cyb3rops/status/618354756621352960 https://t.co/2WetJPZQnA https://blog.gdatasoftware.com/blog/article/two-major-it-security-myths-debunked.html https://twitter.com/cyb3rops/status/618302668549804032 https://twitter.com/cyb3rops/status/618302150951731200 https://twitter.com/cyb3rops/status/618301731168985088 https://twitter.com/cyb3rops/status/618299254965190657 
https://twitter.com/cyb3rops/status/618162698950414336 http://t.co/kBweBU4fUf http://zhodiac.hispahack.com/index.php?section=blog&day=6&month=7&year=2015 https://twitter.com/cyb3rops/status/618162233147826177 http://t.co/JUeQ9ZXNK5 http://translate.wooyun.io/2015/07/06/A-Review-of-the-Incident-on-Xiaomi-Routers-Hijacking-Users-Browser.html https://twitter.com/cyb3rops/status/618161565615955968 https://t.co/VRqdlNzuP5 https://zeltser.com/c2-dns-tunneling/ https://twitter.com/cyb3rops/status/618161114250088448 http://t.co/uUslPma6jE http://seclists.org/fulldisclosure/2015/Jul/31 https://twitter.com/cyb3rops/status/618161058688143360 http://t.co/P8Ud1zlCV8 http://securityaffairs.co/wordpress/38372/cyber-crime/kins-malware-builder-leaked.html https://twitter.com/cyb3rops/status/618144734947749888 https://twitter.com/cyb3rops/status/618120879814365184 http://t.co/NqxOndSmhg http://research.zscaler.com/2015/07/fake-batterybotpro-clickfraud-adfruad.html?m=1 https://twitter.com/cyb3rops/status/618097032453095424 http://t.co/NT74TEbdqq http://arstechnica.com/security/2015/07/hacking-team-gets-hacked-invoices-show-spyware-sold-to-repressive-govts/ https://twitter.com/cyb3rops/status/618096358768160768 http://t.co/pnD2RUUqsS http://www.xenproject.org/downloads/xen-archives/xen-45-series/xen-451.html https://twitter.com/cyb3rops/status/618095517399183364 http://t.co/g9CFZX36ec http://resources.infosecinstitute.com/moose-malware-part-2/ https://twitter.com/cyb3rops/status/618095284908912640 https://t.co/xogar4IKWO https://nakedsecurity.sophos.com/2015/07/06/amazon-releases-low-cholesterol-heartbleed-medicine-s2n/?utm_source=Naked%2520Security%2520-%2520Feed&utm_medium=feed&utm_content=rss2&utm_campaign=Feed https://twitter.com/cyb3rops/status/618026565079859201 https://twitter.com/cyb3rops/status/618024962885074944 https://twitter.com/cyb3rops/status/617971507801812992 https://twitter.com/cyb3rops/status/617969807690964992 https://twitter.com/cyb3rops/status/617969491406942208 
https://twitter.com/cyb3rops/status/617963292749860864 http://t.co/gsCyrRwNLp http://www.yasnitech.com.br/ https://twitter.com/cyb3rops/status/617959592488775680 http://t.co/eU0OrjUxrr http://www.csoonline.com/article/2943968/data-breach/hacking-team-hacked-attackers-claim-400gb-in-dumped-data.html https://twitter.com/cyb3rops/status/617905529239793664 https://t.co/U1quL8PAsY https://twitter.com/malwareforme/status/617865186502942720 https://twitter.com/cyb3rops/status/617903356493889537 https://t.co/5lkBH7Z9EM https://twitter.com/ochsenmeier/status/617772446612123648 https://twitter.com/cyb3rops/status/617902561752973312 https://t.co/4yibhNVHVN https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-1438/ https://twitter.com/cyb3rops/status/617902029147611136 https://t.co/TN9YBhhGV3 https://isc.sans.edu/diary.html?storyid=19875&rss https://twitter.com/cyb3rops/status/617816825171210240 https://twitter.com/cyb3rops/status/617798546595708928 http://t.co/UjQDUkU6Ef http://malware.dontneedcoffee.com/2015/07/a-fileless-ursnif-doing-some-pos.html https://twitter.com/cyb3rops/status/617727312054910976 https://t.co/bhSESZVvRO https://github.com/Neo23x0/Loki/blob/master/signatures/general_cloaking.yar#L30 https://twitter.com/cyb3rops/status/617706118777843712 http://t.co/yCCWgM9ADY http://www.jegerlehner.ch/intel/ https://twitter.com/cyb3rops/status/617702642610008064 http://t.co/kMS33PIXAG http://blog.malwaremustdie.org/2015/07/mmd-0036-2015-kins-or-zeusvm-v2000.html https://twitter.com/cyb3rops/status/617628467266473984 http://t.co/8uUuLY7mQk http://rt.com/news/271462-isis-interview-hacker-group/ https://twitter.com/cyb3rops/status/617559390451838976 http://t.co/XyYk9ZY2LO http://betanews.com/2015/07/04/bsnl-india-hacked-anonymous/ https://twitter.com/cyb3rops/status/617480710924967936 https://twitter.com/cyb3rops/status/617479717466320896 https://twitter.com/cyb3rops/status/617479233158430720 
https://twitter.com/cyb3rops/status/617478756286992384 https://twitter.com/cyb3rops/status/617478381337190400 https://twitter.com/cyb3rops/status/617477293846458368 https://twitter.com/cyb3rops/status/617414268745580544 https://t.co/UmCIaQu9OD https://github.com/jkbrzt/httpie https://twitter.com/cyb3rops/status/617313354676338689 https://t.co/gA68HfeGIy https://firstlook.org/theintercept/2015/07/04/nsa-top-brazilian-political-and-financial-targets-wikileaks/ https://twitter.com/cyb3rops/status/617313295624761344 https://t.co/nWt7kiMrKY https://cyberarms.wordpress.com/2015/07/04/system-level-access-and-plain-text-passwords-using-bypass-uac-and-mimikatz/ https://twitter.com/cyb3rops/status/617296324543795200 https://t.co/ltq6FhuDOe https://github.com/musalbas/address-spoofing-poc https://twitter.com/cyb3rops/status/617294879648010240 https://t.co/xVoI8ExxQS https://t.co/6d5hlBrTiY https://github.com/drduh/pwd.sh https://camo.githubusercontent.com/0339f97cb124bce660d7b13d9a4a1a54dda3b8b0/68747470733a2f2f692e696d6775722e636f6d2f73516f4633564e2e676966 https://twitter.com/cyb3rops/status/617233613793439744 https://t.co/uvmcc2Joiw https://github.com/exp0se/bro-intel-generator https://twitter.com/cyb3rops/status/617224891125866496 https://t.co/9gElx7ZCu0 http://t.co/N2Zi1ZYA9X https://github.com/babun/babun http://vimeo.com/95045348 https://twitter.com/cyb3rops/status/617218971499122688 http://t.co/K5bP4q1sml http://securityaffairs.co/wordpress/38289/cyber-crime/kovter-patches-flash-player-ie.html https://twitter.com/cyb3rops/status/617094896348999680 http://t.co/aEWCkc3TRD http://www.kitploit.com/2015/07/blackbone-windows-memory-hacking-library.html https://twitter.com/cyb3rops/status/617094761892155392 http://t.co/IrvG2wRiBW http://www.darknet.org.uk/2015/07/addresssanitizer-a-fast-memory-error-detector/ https://twitter.com/cyb3rops/status/617094720653815809 http://t.co/rjVdJysqYV http://n0where.net/cowrie-ssh-honeypot/ 
https://twitter.com/cyb3rops/status/616929814272999424 http://t.co/N8aiQCp6DB http://www.darksidehackers.com/2010/10/how-to-make-email-sending-keylogger-in.html?m=1 https://twitter.com/cyb3rops/status/616929111081123840 http://t.co/vsw2kxMCYm http://www.search-lab.hu/about-us/news/109-security-vulnerability-in-lg-s-update-center-application https://twitter.com/cyb3rops/status/616889352749207552 https://t.co/9IQWqaV3NC https://threatpost.com/evasion-techniques-keep-angler-eks-cryptowall-business-thriving/113596 https://twitter.com/cyb3rops/status/616870379374649344 http://t.co/DurF3F3ktG http://fossbytes.com/raspberry-pi-proxyham-device-provides-anonymous-wifi-miles-away-ip-address/ https://twitter.com/cyb3rops/status/616870005389533184 http://t.co/43TRt3rRiC http://securityaffairs.co/wordpress/38265/malware/gdata-on-android-malware.html https://twitter.com/cyb3rops/status/616733603096084480 http://t.co/qrtRHz768d http://blog.checkpoint.com/2015/07/02/matsnu-a-new-malware-discovery/ https://twitter.com/cyb3rops/status/616733107362897921 http://t.co/BlFfpEv3nq http://www.kitploit.com/2015/07/nikto2-web-server-scanner.html https://twitter.com/cyb3rops/status/616646047482413056 https://t.co/u88DjcZDI4 https://threatpost.com/attackers-revive-deprecated-ripv1-routing-protocol-in-ddos-attacks/113582 https://twitter.com/cyb3rops/status/616645823095566336 http://t.co/l1ESJjwJlc http://www.reddit.com/r/Malware/comments/3bvk4c/security_alert_ransomware_delivered_through/ https://twitter.com/cyb3rops/status/616634039575924737 http://t.co/e2Y9bSmDfm http://www.net-security.org/secworld.php?id=18586 https://twitter.com/cyb3rops/status/616594652544806912 http://t.co/QViCtykzIi http://resources.infosecinstitute.com/win32lethic-botnet-analysis/ https://twitter.com/cyb3rops/status/616511194938085376 https://twitter.com/cyb3rops/status/616495862571773953 http://t.co/ySgiOeBY0v http://holisticinfosec.blogspot.com/2015/07/toolsmith-malware-analysis-with-remnux.html 
https://twitter.com/cyb3rops/status/616495829101215744 http://t.co/CMSDgT4gYN http://encase-forensic-blog.guidancesoftware.com/2015/07/password-recovery-can-be-practical.html https://twitter.com/cyb3rops/status/616495786097004544 http://t.co/uVio7Cbpvm http://www.ehacking.net/2015/07/metasploit-windows-kernel-exploitation.html https://twitter.com/cyb3rops/status/616356942613737472 http://t.co/KQS20KWhLw http://binaryforay.blogspot.nl/2015/07/reintroducing-registry-explorer-and.html?m=1 https://twitter.com/cyb3rops/status/616272339928522752 https://t.co/VcrFbF2t2V https://twitter.com/headhntr/status/616263526894563328 https://twitter.com/cyb3rops/status/616271783432462336 https://t.co/2PfYUTXo7U http://t.co/lXTRpSolj9 https://community.rapid7.com/community/metasploit/blog/2015/07/01/safely-dumping-domain-hashes-with-meterpreter http://www.rapid7.com/db/modules/post/windows/gather/credentials/domain_hashdump https://twitter.com/cyb3rops/status/616256041580384256 http://t.co/fdcsdRaqQ5 http://pastebin.com/z6eBC59c https://twitter.com/cyb3rops/status/616214456830435328 https://t.co/PJeMqxQ0ER https://nakedsecurity.sophos.com/2015/07/01/apple-lets-rip-with-update-spate-osx-ios-safari-itunes-quicktime/ https://twitter.com/cyb3rops/status/616178061453717504 https://t.co/mfr6kb74Am https://asert.arbornetworks.com/attack-of-the-shuriken-2015-many-hands-many-weapons/ https://twitter.com/cyb3rops/status/616011460666372099 http://t.co/xTr2LmfMDo http://blog.malwarebytes.org/social-engineering/2015/06/driver-updaters-digital-snake-oil-part-2/ https://twitter.com/cyb3rops/status/615996956331114496 http://t.co/oyGPDgwTQ5 http://arstechnica.com/security/2015/06/researchers-expose-dino-espionage-malware-with-a-french-connection/ https://twitter.com/cyb3rops/status/615996922944487424 http://t.co/c4pTyVLETo http://blog.erratasec.com/2015/06/cyberul-is-dumb-idea.html https://twitter.com/cyb3rops/status/615949532141121536 http://t.co/BKPLvgLmtn 
http://www.forensicfocus.com/News/article/sid=2453/ https://twitter.com/cyb3rops/status/615949267161731072 http://t.co/wCFsSSil05 http://blogs.cisco.com/security/talos/apple-stbl-atom https://twitter.com/cyb3rops/status/615949024282177536 https://t.co/Fk5HlMpeOs https://bto.bluecoat.com/security-advisory/sa97 https://twitter.com/cyb3rops/status/615927439353626624 https://t.co/pZVSnXdlRh https://community.rapid7.com/community/metasploit/blog/2015/06/30/more-on-flash-exploits-into-the-framework https://twitter.com/cyb3rops/status/615927204090933248 http://t.co/fSJSLnfHom http://www.welivesecurity.com/2015/06/30/us-suspends-background-checks-system-flaw-found/ https://twitter.com/cyb3rops/status/615905458193309696 https://twitter.com/cyb3rops/status/615879978312441856 https://t.co/0644ow6ShY https://www.eff.org/deeplinks/2015/05/logjam-part-2-did-nsa-know-years-internet-was-broken https://twitter.com/cyb3rops/status/615867409673637888 http://t.co/tQ84PTIMMI http://www.darknet.org.uk/2015/06/watobo-the-web-application-security-auditing-toolbox/ https://twitter.com/cyb3rops/status/615765067330535424 https://t.co/WeDGzJypEV https://mikkolehtisalo.wordpress.com/2015/06/29/copying-windows-kerberos-tickets-to-linux/ https://twitter.com/cyb3rops/status/615764854675079168 https://t.co/j0jzmfuEI0 https://localh0t.github.io/wildpwn-v0.1-unix-wildcard-attacks/ https://twitter.com/cyb3rops/status/615764672990482432 http://t.co/4r0G2GelVT http://hackaday.com/2015/06/29/true-random-number-generator-for-a-true-hacker/ https://twitter.com/cyb3rops/status/615764360783249408 https://t.co/7orUFBmfJM https://isc.sans.edu/diary.html?storyid=19843&rss https://twitter.com/cyb3rops/status/615599587131265024 http://t.co/jlu9rRPr8l http://www.nothink.org/codes/snmpcheck/ https://twitter.com/cyb3rops/status/615579157637017600 http://t.co/qDf5XG35Sv http://www.ehacking.net/2015/06/sidestep-yet-another-anti-virus-evasion.html https://twitter.com/cyb3rops/status/615556496227700737 
https://t.co/dn884oWuD5 https://www.recordedfuture.com/identifying-ics-exploits/ https://twitter.com/cyb3rops/status/615556363125657600 https://t.co/iNtV8eerGa https://isc.sans.edu/diary.html?storyid=19851&rss https://twitter.com/cyb3rops/status/615556217969209344 http://t.co/U42ENZdspv http://www.invoke-ir.com/2015/06/ontheforensictrail-part3.html https://twitter.com/cyb3rops/status/615556173052440576 http://t.co/DbwhwlOPWX http://www.net-security.org/secworld.php?id=18566 https://twitter.com/cyb3rops/status/615544452636102656 https://twitter.com/cyb3rops/status/615516345527070720 https://t.co/grrZ0qz7Zw https://www.virustotal.com/en/file/7ba09403e9d7122a20fa510de11f7809822e6e11efb164414e2148b762cf4e75/analysis/ https://twitter.com/cyb3rops/status/615501014175776768 https://twitter.com/cyb3rops/status/615500623878950912 https://twitter.com/cyb3rops/status/615459020862844929 https://twitter.com/cyb3rops/status/615454462874927104 https://twitter.com/cyb3rops/status/615452582425829376 https://twitter.com/cyb3rops/status/615451077174001664 https://twitter.com/cyb3rops/status/615444678977175552 http://t.co/KwdMRpihv7 http://blog.hackersonlineclub.com/2015/06/blackbone-windows-memory-hacking-library.html https://twitter.com/cyb3rops/status/615406713127178240 http://t.co/aBmpnWHDGv http://blog.malwarebytes.org/exploits-2/2015/06/recent-flash-player-0-day-exploit-goes-mainstream/ https://twitter.com/cyb3rops/status/615262763506663424 http://t.co/8ReFvIO3H6 http://digital-forensics.sans.org/blog/2015/06/28/detecting-shellcode https://twitter.com/cyb3rops/status/615257882460835842 http://t.co/4Q1vsPtT5E http://www.csoonline.com/article/2939325/data-protection/it-forget-the-device-secure-the-data.html https://twitter.com/cyb3rops/status/615253120642351104 http://t.co/9CELbZxq9R http://www.computerworld.com/article/2903714/60-diy-car-hacking-device-is-an-inexpensive-and-easy-way-to-hack-cars.html https://twitter.com/cyb3rops/status/615252794216435712 http://t.co/OI6tWYmmcu 
http://www.ehacking.net/2015/06/parrot-security-os-for-pentesting-and.html https://twitter.com/cyb3rops/status/615140838037917696 http://t.co/a0L7rtQpea http://securityaffairs.co/wordpress/38122/cyber-crime/magento-card-stealers.html https://twitter.com/cyb3rops/status/615097830143848448 http://t.co/FBPCEUmmD4 http://blog.hackersonlineclub.com/2015/06/nuclide-open-ide-experience-for-hack.html https://twitter.com/cyb3rops/status/615079231916240896 https://twitter.com/cyb3rops/status/615068390160506880 http://t.co/LsD68o9H78 http://www.zer0trusion.com/2015/06/automated-and-anonymous-sql-injection.html?m=1 https://twitter.com/cyb3rops/status/615068056142893056 http://t.co/eTYrLbPR2u http://www.businessinsider.com/russia-and-china-are-hacking-british-companies-and-spying-on-their-employees-2015-6?IR=T https://twitter.com/cyb3rops/status/614946160013393920 https://t.co/h5B21Tp8GG https://djbunny5.com/2015/06/26/dns-amplification-attacks/ https://twitter.com/cyb3rops/status/614945879104057344 http://t.co/VtJEulIb0G http://malware.dontneedcoffee.com/2015/06/cve-2015-3113-flash-up-to-1800160-and.html https://twitter.com/cyb3rops/status/614945361682149376 https://t.co/8Fcp7si0d6 https://blog.gdatasoftware.com/blog/article/banking-trojan-has-targeted-bundestag.html https://twitter.com/cyb3rops/status/614884743017033728 http://t.co/xYyTdkMaRA http://insight-labs.org/?p=1095 https://twitter.com/cyb3rops/status/614844766241587204 http://t.co/8qMhXPA2B7 http://www.kitploit.com/2015/06/squert-simple-query-and-report-tool.html https://twitter.com/cyb3rops/status/614530209803583488 http://t.co/Ko4Lc6ads6 http://www.kitploit.com/2015/06/sqlmap-web-gui-web-gui-to-drive-near.html https://twitter.com/cyb3rops/status/614516167676444672 http://t.co/j0iWWBEbtX http://blog.checkpoint.com/2015/06/26/microsoft-word-intruder-rtf-sample-analysis/ https://twitter.com/cyb3rops/status/614515791594188800 http://t.co/zH8b9M077h 
http://blog.trendmicro.com/trendlabs-security-intelligence/the-state-of-the-esilelotus-blossom-campaign/ https://twitter.com/cyb3rops/status/614480810775826432 https://twitter.com/cyb3rops/status/614440608996925440 https://t.co/6ITvmBfoTV https://www.trustedsec.com/june-2015/interactive-powershell-sessions-within-meterpreter/ https://twitter.com/cyb3rops/status/614440569406926849 http://t.co/3DUKczY05m http://www.virusbtn.com/blog/2015/06_26.xml?rss https://twitter.com/cyb3rops/status/614389514325331969 http://t.co/0TDXrzAcMG http://blog.trendmicro.com/trendlabs-security-intelligence/trend-micro-discovers-android-vulnerability-that-can-lead-to-exposure-of-device-memory-content/ https://twitter.com/cyb3rops/status/614372471253434368 https://t.co/1S1QX9DPZy https://www.loggly.com/blog/regexes-the-bad-better-best/ https://twitter.com/cyb3rops/status/614320246485352448 https://t.co/0btehkLfRu https://www.recordedfuture.com/iranian-saudi-cyber-conflict/ https://twitter.com/cyb3rops/status/614194708601028608 http://t.co/kvOzMInEom http://blog.cylance.com/vegan-chrome-extension-to-defeat-beef https://twitter.com/cyb3rops/status/614194015802630144 http://t.co/YMZS5xCPM7 http://www.kitploit.com/2015/06/poet-simple-post-exploitation-tool.html https://twitter.com/cyb3rops/status/614193967412977665 http://t.co/d79ehkFDHn http://www.ehacking.net/2015/06/vbscan-black-box-vbulletin.html https://twitter.com/cyb3rops/status/614149414635065344 http://t.co/ZUBYlOkySz http://www.hexacorn.com/blog/2015/06/25/using-race-conditions-as-an-antisandbox-trick/ https://twitter.com/cyb3rops/status/614138483842674688 http://t.co/9WvypGT1Sz http://blog.malwaremustdie.org/2015/06/mmd-0034-2015-new-elf.html https://twitter.com/cyb3rops/status/614039192256053248 https://twitter.com/cyb3rops/status/614037303154110464 https://t.co/qKGs2muUV3 
https://nakedsecurity.sophos.com/2015/06/25/blackshades-rat-co-author-sentenced-to-57-months-in-prison/?utm_source=Naked%2520Security%2520-%2520Feed&utm_medium=feed&utm_content=rss2&utm_campaign=Feed https://twitter.com/cyb3rops/status/614002725672624128 http://t.co/Iuj0IzJH9M http://www.net-security.org/malware_news.php?id=3063 https://twitter.com/cyb3rops/status/614002267306500096 https://t.co/lI7CclueQ3 https://isc.sans.edu/diary.html?storyid=19837&rss https://twitter.com/cyb3rops/status/613841062201794560 https://t.co/eYk8ScltI2 https://twitter.com/PhysicalDrive0/status/613807643031957506 https://twitter.com/cyb3rops/status/613837975940694017 http://t.co/CLf9hp1Xhx http://n0where.net/incident-response-malware-analysis-irma/ https://twitter.com/cyb3rops/status/613837858122661889 http://t.co/umoZTB2zSa http://n0where.net/software-defined-security-haka/ https://twitter.com/cyb3rops/status/613809136006991877 http://t.co/LUybVmtZcP http://blog.malwarebytes.org/news/2015/06/new-malwarebytes-anti-exploit-version-is/ https://twitter.com/cyb3rops/status/613808131886477312 http://t.co/1qi5bjej7B http://seclist.us/powershell-post-exploitation-domainenum-v-0-1-0.html https://twitter.com/cyb3rops/status/613784928707325952 http://t.co/7zwfBKQdSy http://blogs.cisco.com/security/talos/hook-line-sinker https://twitter.com/cyb3rops/status/613784879998849024 http://t.co/hcuyIovxbF http://blog.malwarebytes.org/intelligence/2015/06/elusive-hanjuan-ek-caught-in-new-malvertising-campaign/ https://twitter.com/cyb3rops/status/613773985302585344 http://t.co/7UkbFnUpf8 http://www.virusbtn.com/blog/2015/06_24a.xml?rss https://twitter.com/cyb3rops/status/613773921645633536 http://t.co/OWKmv0Jjlr http://mobile.reuters.com/article/idUSKBN0P31M720150623?irpc=932 https://twitter.com/cyb3rops/status/613772440540434432 http://t.co/LJOgG4MOHE http://www.reddit.com/r/Malware/comments/3az0fe/poc_evade_malware_detection_though_use_of_nodejs/ https://twitter.com/cyb3rops/status/613772194246750208 
http://t.co/JoTp3b8h3B http://www.net-security.org/secworld.php?id=18549 https://twitter.com/cyb3rops/status/613772076940435457 http://t.co/PF8DnBIfPt http://seclist.us/updates-lfi-freak-a-unique-automated-lfi-exploiter-with-bindreverse-shells.html https://twitter.com/cyb3rops/status/613734522807562240 http://t.co/Tqv2pJ0TJc http://arstechnica.com/security/2015/06/national-archives-finds-same-malware-that-stole-govt-personnel-data/ https://twitter.com/cyb3rops/status/613710383073898496 https://t.co/4fgtdNu8Je http://t.co/9VeVz4G9hU https://www.bsk-consulting.de/2015/02/16/write-simple-sound-yara-rules/ http://securityintelligence.com/signature-based-detection-with-yara/#.VYqvyJQazCQ https://twitter.com/cyb3rops/status/613684862327881728 https://t.co/LYeWjFrdtj https://github.com/m4rco-/dorothy2 https://twitter.com/cyb3rops/status/613639455723888640 http://t.co/TyTsfeLb58 http://blog.trendmicro.com/trendlabs-security-intelligence/new-adobe-zero-day-shares-same-root-cause-as-older-flaws/ https://twitter.com/cyb3rops/status/613639233518071808 http://t.co/9GwC6zrsuC http://seclist.us/updates-ruby-sslscanner-a-simple-and-easy-to-use-ssl-cipher-scanner.html https://twitter.com/cyb3rops/status/613593182761259008 https://t.co/5wCwEyoEXN https://blog.hboeck.de/archives/873-The-tricky-security-issue-with-FollowSymLinks-and-Apache.html https://twitter.com/cyb3rops/status/613511493766807552 http://t.co/5jXBqgmcwo http://seclist.us/c00kiesd00r-a-cookies-backdoor-to-the-web-server.html https://twitter.com/cyb3rops/status/613471678971158529 http://t.co/nsIrsUGgDI http://seclist.us/smalisca-v-0-2-released-static-code-analysis-for-smali-files.html https://twitter.com/cyb3rops/status/613471480471515137 http://t.co/J9fhgGTjyd http://seclist.us/shellharness-is-a-exploitation-harness-for-http-shellshock.html https://twitter.com/cyb3rops/status/613405763785113601 https://t.co/xSDX5P5Eyh https://github.com/glastopf/glastopf https://twitter.com/cyb3rops/status/613401627433771008 
http://t.co/cV3xR9BZo4 http://www.hexacorn.com/blog/2015/06/23/lame-tricks-with-ldrregisterdllnotification/ https://twitter.com/cyb3rops/status/613379599750299648 http://t.co/DTPoC3Y84P http://blog.malwaremustdie.org/2015/06/the-elf-chinaz-reloaded-addendum.html https://twitter.com/cyb3rops/status/613373914434113536 https://t.co/j8IiojRxFY https://zeltser.com/cyber-threat-intel-and-ir-report-template/ https://twitter.com/cyb3rops/status/613373829449183232 http://t.co/d1b93tzlLF http://labs.bitdefender.com/2015/06/android-instapaper-app-vulnerable-to-man-in-the-middle-attacks/ https://twitter.com/cyb3rops/status/613312097108279296 http://t.co/vHXWuIvjqH http://www.net-security.org/secworld.php?id=18541 https://twitter.com/cyb3rops/status/613307996366630912 https://t.co/Vv2zztVJb3 https://crits.github.io/ https://twitter.com/cyb3rops/status/613306105452736512 http://t.co/2zpz4vgWg2 http://www.surbl.org/ https://twitter.com/cyb3rops/status/613261057520484352 https://t.co/dePSQx7W2C https://elastalert.readthedocs.org/en/latest/elastalert.html https://twitter.com/cyb3rops/status/613220730210254848 http://t.co/y9Tgp80q08 http://n0where.net/bruteforce-attack-protection-sentry/ https://twitter.com/cyb3rops/status/613216253734486016 https://t.co/n3Q4gmNGcH https://blog.gdatasoftware.com/blog/article/new-dridex-infection-vector-identified.html https://twitter.com/cyb3rops/status/613116864953208832 http://t.co/8iLINrHVyl http://n0where.net/sqlmap-web-gui/ https://twitter.com/cyb3rops/status/613073760250408960 http://t.co/f5BjBJn8Zg http://www.ehacking.net/2015/06/ios-penetration-testing-lab-environment.html https://twitter.com/cyb3rops/status/613073677689729024 http://t.co/LNrXtDSp4n http://www.darknet.org.uk/2015/06/unix-privesc-check-unixlinux-user-privilege-escalation-scanner/ https://twitter.com/cyb3rops/status/613044896899973120 http://t.co/rVLM8dPwv8 http://blog.malwarebytes.org/news/2015/06/malwarebytes-acquires-junkware-removal-tool/ 
https://twitter.com/cyb3rops/status/613012351894298625 http://t.co/ZNBEOu6tQb http://az4n6.blogspot.com/2015/06/sqlite-deleted-data-parser-update-leave.html https://twitter.com/cyb3rops/status/613012120267952132 http://t.co/E9IVVBkzvB http://seclist.us/thc-hydra-ipv6-attack-toolkit-v-2-8-dev.html https://twitter.com/cyb3rops/status/613011822896095233 https://t.co/uA2ya5nSrF https://securelist.com/blog/research/70991/games-are-over/ https://twitter.com/cyb3rops/status/612979874152775680 https://t.co/vmEhfQESyk https://firstlook.org/theintercept/2015/06/22/gchq-reverse-engineering-warrants/ https://twitter.com/cyb3rops/status/612979770096283648 http://t.co/0QQzBuORJQ http://seclist.us/exploits-a-stack-buffer-overflow-in-at-tftp-xdb-ftp-password-buffer-overflow-vulnerability.html https://twitter.com/cyb3rops/status/612979437617987585 http://t.co/5WCUHoVCVs http://nakedsecurity.sophos.com/2015/06/22/google-chrome-bad-link-detection-bypass-found-fixed https://twitter.com/cyb3rops/status/612899208543215616 http://t.co/QliDRvIBd3 http://seclist.us/t2-packetspammer-is-a-wifi-packet-injection-utility.html https://twitter.com/cyb3rops/status/612898861061906432 http://t.co/9Wk3zbKnLm http://n0where.net/best-pcap-tools/ https://twitter.com/cyb3rops/status/612898556970708996 http://t.co/Q5cb5ERsTO http://seclist.us/nme-network-mapping-and-enumeration-framework-released.html https://twitter.com/cyb3rops/status/612740541894103041 https://t.co/nKPe8jQlC3 https://github.com/pm2-hive/pm2-webshell https://twitter.com/cyb3rops/status/612732379099213824 http://t.co/59zZVOOIx0 http://tech.firstpost.com/news-analysis/deep-panda-is-the-hacking-group-behind-us-data-breach-says-cybersecurity-firm-271432.html https://twitter.com/cyb3rops/status/612731457577070592 http://t.co/59MlnH1iSO http://cyber-defense.sans.org/blog/2015/06/08/powershell-md5-hash-integrity-verifier-to-detect-file-system-changes https://twitter.com/cyb3rops/status/612728216353017858 https://t.co/POjq8OSwl6 
https://github.com/Dionach/Splunk-Web-Shell https://twitter.com/cyb3rops/status/612712045092433920 http://t.co/WvOAM5Dr2s http://n0where.net/web-security-dojo/ https://twitter.com/cyb3rops/status/612694741675831296 https://t.co/K6nm7PcuMx https://github.com/MITRECND/yaraprocessor https://twitter.com/cyb3rops/status/612690233319161856 https://t.co/pGwPOfhQtU https://github.com/jesusprubio/bluebox-ng https://twitter.com/cyb3rops/status/612676062590423041 http://t.co/1MSjI8F8Je http://seclist.us/maelstrom-bash-script-for-wifi-vector-attack.html https://twitter.com/cyb3rops/status/612593395559698432 http://t.co/6wBQDVN627 http://seclist.us/simple-network-packet-sniffer-written-in-python.html https://twitter.com/cyb3rops/status/612499868456718336 https://t.co/uM8uhx5tqr https://pentestbox.com/ https://twitter.com/cyb3rops/status/612396426207825920 http://t.co/7bTMs2oCHN http://seclist.us/pyxhook-py-simple-python-keylogger-that-works-on-linux-it-is-100-desktop-and-gui-toolkit-independent.html https://twitter.com/cyb3rops/status/612305749759406080 http://t.co/SIXdITmTz0 http://seclist.us/post-exploitation-domain-enum.html https://twitter.com/cyb3rops/status/612305114439790593 http://t.co/Q41u8Gsbz3 http://seclist.us/blackbone-is-a-windows-memory-hacking-library.html https://twitter.com/cyb3rops/status/612134985475207168 https://t.co/8Fcp7si0d6 https://blog.gdatasoftware.com/blog/article/banking-trojan-has-targeted-bundestag.html https://twitter.com/cyb3rops/status/612077830093021184 http://t.co/No7qyDZgKw http://blog.malwaremustdie.org/2015/06/the-elf-chinaz-reloaded.html https://twitter.com/cyb3rops/status/612011124674928640 http://t.co/srDOhqKKiG http://seclist.us/backdoor-demo-native-linux-backdoors-command.html https://twitter.com/cyb3rops/status/611974880297357312 http://t.co/x15jIQt7Yj http://blog.checkpoint.com/2015/06/19/zero-day-flaw-victimizes-apple-ios-and-osx-apps/ https://twitter.com/cyb3rops/status/611955959519424512 http://t.co/Hu7mqTyOF1 
http://www.darknet.org.uk/2015/06/parrot-security-os-debian-based-security-oriented-operating-system/ https://twitter.com/cyb3rops/status/611939966466281472 http://t.co/C1Jb9019WK http://nakedsecurity.sophos.com/2015/06/19/sonys-post-breach-woes-continue-as-wikileaks-dumps-276000-more-documents https://twitter.com/cyb3rops/status/611936000592486400 http://t.co/lCtiZ1uUih http://seclist.us/updates-lightaidra-irc-based-mass-router-scanner-exploiter.html https://twitter.com/cyb3rops/status/611922873024925697 http://t.co/1uhex4cbQs http://www.virusbtn.com/blog/2015/06_19.xml?rss https://twitter.com/cyb3rops/status/611922818226384896 http://t.co/uwy26jBVK6 http://securityintelligence.com/the-pos-malware-epidemic-the-most-dangerous-vulnerabilities-and-malware/ https://twitter.com/cyb3rops/status/611889798467481600 https://t.co/9YFS6mVG7H https://twitter.com/bogenschlag/status/611888568299061248 https://twitter.com/cyb3rops/status/611868479940100096 http://t.co/bmTIBJb58Q http://seclist.us/php-multipartform-data-remote-dos-vulnerability-cve-2015-4024.html https://twitter.com/cyb3rops/status/611868248095768576 http://t.co/hetWvcpBOi http://seclist.us/decrypts-some-payloads-of-the-upatre-malware-family.html https://twitter.com/cyb3rops/status/611816244598185984 http://t.co/VEII5jD9hC http://www.net-security.org/secworld.php?id=18530 https://twitter.com/cyb3rops/status/611785722727636992 http://t.co/zkAiYCExJq http://seclist.us/updates-oracle_pwd_tools-oracle-database-12c-password-brute-forcer.html https://twitter.com/cyb3rops/status/611785610878144512 http://t.co/PqbKpyZScd http://blog.hackersonlineclub.com/2015/06/how-microsoft-can-spy-on-you-how-to.html?m=1 https://twitter.com/cyb3rops/status/611714089149157376 http://t.co/mOz2vpStFr http://www.fireeye.com/blog/threat-research/2015/06/evolution_of_dridex.html https://twitter.com/cyb3rops/status/611668083934040064 https://twitter.com/cyb3rops/status/611655599927992320 http://t.co/dnmH1aJKLi http://t.co/OoVW6nLVNT 
http://ASP.net http://seclist.us/python-and-perl-script-to-exploit-asp-net-padding-oracle-vulnerability.html https://twitter.com/cyb3rops/status/611597541944225792 https://t.co/6R2erqxI8Y https://gallery.technet.microsoft.com/scriptcenter/Kerberos-Golden-Ticket-b4814285 https://twitter.com/cyb3rops/status/611585599422787584 https://t.co/keF5HZQeMQ https://hiddencodes.wordpress.com/2015/06/18/deobfuscate-javascript-using-phantomjs-headless-browser/ https://twitter.com/cyb3rops/status/611585503427731456 http://t.co/gNG5VOTbyI http://www.kitploit.com/2015/06/security-cheatsheets-collection-of.html https://twitter.com/cyb3rops/status/611562426199339009 https://t.co/ScwVEzCdZG https://securelist.com/analysis/publications/70673/uncovering-tor-users-where-anonymity-ends-in-the-darknet/ https://twitter.com/cyb3rops/status/611562251896651776 http://t.co/ts8xkJrpZ5 http://seclist.us/updates-windows-exploit-suggester-revision-v-2-6-2015-06-18.html https://twitter.com/cyb3rops/status/611561825948336128 http://t.co/OEi7PkKNzi http://seclist.us/instarecon-v-0-1-0-released-basic-automated-digital-reconnaissance.html https://twitter.com/cyb3rops/status/611561029349310464 https://t.co/nsZkgTTxLk https://gist.github.com/Neo23x0/e3d4e316d7441d9143c7 https://twitter.com/cyb3rops/status/611419643941679104 http://t.co/hM7ZuYexRq http://seclist.us/darkcomet-rat-exploiter.html https://twitter.com/cyb3rops/status/611285311142952960 https://twitter.com/cyb3rops/status/611283286934073344 http://t.co/PNrOel0KG1 http://seclist.us/list-of-linux-post-exploitation-enumeration-and-exploit-checking-tools.html https://twitter.com/cyb3rops/status/611265181239406593 http://t.co/4Aj4YIpxPp http://www.fireeye.com/blog/threat-research/2015/06/caching_out_the_val.html https://twitter.com/cyb3rops/status/611254598519648256 https://twitter.com/cyb3rops/status/611242616517173249 http://t.co/zfM5rc5POR 
http://blog.trendmicro.com/trendlabs-security-intelligence/analysis-of-cve-2015-2360-duqu-2-0-zero-day-vulnerability/ https://twitter.com/cyb3rops/status/611242538641551361 http://t.co/HlV36M0hah http://krebsonsecurity.com/2015/06/critical-flaws-in-apple-samsung-devices/ https://twitter.com/cyb3rops/status/611208551411941376 http://t.co/hqa0V66oFm http://seclist.us/against-py-v-0-2-released-mass-scanning-and-brute-forcing-script-for-ssh.html https://twitter.com/cyb3rops/status/611181568699314176 http://t.co/DKmlqEgr5v http://www.net-security.org/secworld.php?id=18522 https://twitter.com/cyb3rops/status/611181497421312000 http://t.co/wBVb3GDWc4 http://seclist.us/updates-process-hacker-v-2-35-multi-purpose-tool-that-helps-you-monitor-system-resources-debug-software-and-detect-malware.html https://twitter.com/cyb3rops/status/611128748956631040 https://twitter.com/cyb3rops/status/611112276255473664 https://t.co/JeVTbkWBML https://securelist.com/blog/research/70726/the-spring-dragon-apt/ https://twitter.com/cyb3rops/status/611060758873509888 http://t.co/8RMADyp7GJ http://resources.infosecinstitute.com/card-fraud-in-the-deep-web/ https://twitter.com/cyb3rops/status/611060366815141888 http://t.co/lVG9scDeQW http://seclist.us/sudo-backdoor-wrapper-to-sudo-for-stealing-user-password.html https://twitter.com/cyb3rops/status/611060288033570816 http://t.co/oZrBdyecFP http://www.secureworks.com/cyber-threat-intelligence/threats/stegoloader-a-stealthy-information-stealer/ https://twitter.com/cyb3rops/status/610937416187281408 http://t.co/urVbAJOUUu http://blog.didierstevens.com/2015/06/16/metasploit-meterpreter-reverse-https-snort-rule https://twitter.com/cyb3rops/status/610915440345354240 http://t.co/ui9Kjauot7 http://blogs.cisco.com/security/talos/nuclear-sophistication https://twitter.com/cyb3rops/status/610858308015124480 http://t.co/8zFJAYjPrO 
http://blog.trendmicro.com/trendlabs-security-intelligence/cybercriminal-sharpshooters-nigerian-scammers-use-hawkeye-to-attack-small-businesses/ https://twitter.com/cyb3rops/status/610841337211039744 https://twitter.com/cyb3rops/status/610840080375267329 http://t.co/vpHgHgHDka http://seclist.us/updates-poet-v-0-4-2-a-simple-post-exploitation-tool.html https://twitter.com/cyb3rops/status/610839929032196096 https://t.co/Ieu7PNBYFV https://isc.sans.edu/diary.html?storyid=19805&rss https://twitter.com/cyb3rops/status/610836085338447874 https://twitter.com/cyb3rops/status/610808005899251713 http://t.co/HyuY72aNyY http://blog.trendmicro.com/trendlabs-security-intelligence/magnitude-exploit-kit-uses-newly-patched-adobe-vulnerability-us-canada-and-uk-are-most-at-risk/ https://twitter.com/cyb3rops/status/610801616682356736 https://twitter.com/cyb3rops/status/610790426254143488 http://t.co/SBro5N368K http://seclist.us/pyxiewps-is-a-wireless-attack-tool-to-retrieve-the-wps-pin-in-seconds.html https://twitter.com/cyb3rops/status/610790242593935361 http://t.co/bYRTIvGHpp http://researchcenter.paloaltonetworks.com/2015/06/operation-lotus-blossom/ https://twitter.com/cyb3rops/status/610695554939645952 http://t.co/PNwOsBMrJQ http://www.kitploit.com/2015/06/icmpsh-simple-reverse-icmp-shell.html https://twitter.com/cyb3rops/status/610695327847460865 http://t.co/MWumeecf5M http://seclist.us/oracle_pwd_tools-oracle-database-12c-password-brute-forcer.html https://twitter.com/cyb3rops/status/610540236691668992 http://t.co/Qon0c7SbOH http://seclist.us/thewind-a-mitm-attack-tool.html https://twitter.com/cyb3rops/status/610497021380808706 http://t.co/DUlYd5xrWY http://krebsonsecurity.com/2015/06/catching-up-on-the-opm-breach/ https://twitter.com/cyb3rops/status/610496893253197824 http://t.co/X21UIzRPSl http://www.kitploit.com/2015/06/crouton-chromium-os-universal-chroot.html https://twitter.com/cyb3rops/status/610468245934604289 https://twitter.com/cyb3rops/status/610376013441335296 
http://t.co/sgjHWn63Rf http://blog.trendmicro.com/trendlabs-security-intelligence/windows-server-2003-end-of-life-you-cant-rip/ https://twitter.com/cyb3rops/status/610375946219225088 http://t.co/41Y3bEw92e http://seclist.us/nse-script-for-brute-force-open-ports.html https://twitter.com/cyb3rops/status/610066064584638464 http://t.co/dwWyO3Xna8 http://seclist.us/ftpmap-ftp-scanner-and-take-over-tool-in-c.html https://twitter.com/cyb3rops/status/609985986462916608 http://t.co/RRObVpvgZa http://seclist.us/updates-ratdecoders-v-13-06-2015-python-decoders-for-common-remote-access-trojans.html https://twitter.com/cyb3rops/status/609867291157757953 http://t.co/QwC6JlZO9Q http://digital-forensics.sans.org/blog/2015/06/13/how-to-install-sift-workstation-and-remnux-on-the-same-forensics-system https://twitter.com/cyb3rops/status/609867203614253056 http://t.co/GmUOJjQZva http://www.darknet.org.uk/2015/06/just-metadata-gathers-analyse-ip-address-metadata/ https://twitter.com/cyb3rops/status/609756724942241792 http://t.co/8XoR7NkZcs http://seclist.us/xxeinjector-tool-for-automatic-exploitation-of-xxe-vulnerability-using-direct-and-different-out-of-band-methods.html https://twitter.com/cyb3rops/status/609702542222749696 http://t.co/64dszNsYaP http://seclist.us/dnstwist-generate-and-resolve-domain-variations-to-detect-typo-squatting-phishing-and-corporate-espionage.html https://twitter.com/cyb3rops/status/609702478167281664 http://t.co/Qv3Ik9j0u1 http://securityaffairs.co/wordpress/37762/malware/duqu-2-0-developed-by-israel.html https://twitter.com/cyb3rops/status/609624560133107712 https://twitter.com/cyb3rops/status/609624019109834752 http://t.co/iRbw4tfGRS http://blog.malwarebytes.org/mobile-2/2015/06/complex-method-of-obfuscation-found-in-dropper-realshell/ https://twitter.com/cyb3rops/status/609509862503022592 http://t.co/Ef6czVNVfA http://seclist.us/dragon-c-backdoors-is-a-sniffing-non-binding-reverse-downexec-portknocking-service.html 
https://twitter.com/cyb3rops/status/609443259778207745 http://t.co/fTFUXtCtuZ http://blog.malwarebytes.org/intelligence/2015/06/unusual-exploit-kit-targets-chinese-users-part-2/ https://twitter.com/cyb3rops/status/609402043875356674 http://t.co/UoVmAPYxX8 http://www.welivesecurity.com/2015/06/12/ios-bug-leaves-icloud-passwords-vulnerable/ https://twitter.com/cyb3rops/status/609389099582099456 https://twitter.com/cyb3rops/status/609354414483185664 https://twitter.com/cyb3rops/status/609344307997356033 http://t.co/MA9XUznoWy http://m.theregister.co.uk/2015/06/11/duqu2_kaspersky_attack_analysis/ https://twitter.com/cyb3rops/status/609343196196421632 http://t.co/gNY50nqicg http://resources.infosecinstitute.com/ios-application-security-part-44-bypassing-jailbreak-detection-using-xcon/ https://twitter.com/cyb3rops/status/609313357250830336 http://t.co/LYc1mSfoZ4 http://securityblog.gr/2737/reversing-with-objdump/ https://twitter.com/cyb3rops/status/609281649008865280 https://twitter.com/cyb3rops/status/609267558529822720 http://t.co/DD0BfGfjWx http://researchcenter.paloaltonetworks.com/2015/06/evilgrab-delivered-by-watering-hole-attack-on-president-of-myanmars-website/ https://twitter.com/cyb3rops/status/609267515928281088 http://t.co/1hZpAVs673 http://www.net-security.org/secworld.php?id=18503 https://twitter.com/cyb3rops/status/609252649930723329 https://t.co/nugRzMsJxp https://github.com/github/hoosegow https://twitter.com/cyb3rops/status/609122740906377216 http://t.co/ZPmyPT5o2v http://seclist.us/crhash-a-customizable-hash-brute-forcer.html https://twitter.com/cyb3rops/status/609091912394518529 http://t.co/MWE0ArPimB http://phishme.com/dyre-configuration-dumper/ https://twitter.com/cyb3rops/status/609091813484453888 http://t.co/uFF5HlolEo http://research.zscaler.com/2015/06/gamarue-dropping-lethic-bot.html?m=1 https://twitter.com/cyb3rops/status/609091612535365632 http://t.co/nITPYWxwtg 
http://blog.malwarebytes.org/malvertising-2/2015/06/popcash-malvertising-leads-to-cryptowall-3-0/ https://twitter.com/cyb3rops/status/609016829395263488 http://t.co/KIjMpEohzH http://www.net-security.org/malware_news.php?id=3055 https://twitter.com/cyb3rops/status/609016760793214977 http://t.co/pw9PVp0Kqm http://windowsir.blogspot.com/2015/06/regripper-plugin-update.html https://twitter.com/cyb3rops/status/608987866333605888 http://t.co/nZ0wGDWwpw http://securityintelligence.com/got-linux-billgates-botnet-activity-on-the-rise/ https://twitter.com/cyb3rops/status/608941131414515712 https://t.co/hVL1iCaITW https://isc.sans.edu/diary.html?storyid=19785&rss https://twitter.com/cyb3rops/status/608941020135456768 http://t.co/S7WxUVWkNL http://www.net-security.org/secworld.php?id=18499 https://twitter.com/cyb3rops/status/608875223929204737 https://t.co/uCPAr26zc5 https://blogs.mcafee.com/mcafee-labs/evoltin-pos-malware-attacks-via-macro https://twitter.com/cyb3rops/status/608731022621061120 https://t.co/rMdYrFQQBl https://github.com/gurnec/HashCheck https://twitter.com/cyb3rops/status/608671550116667393 https://twitter.com/cyb3rops/status/608658048572342272 http://t.co/twINa6f9Yw http://www.net-security.org/secworld.php?id=18497 https://twitter.com/cyb3rops/status/608643823070228481 https://t.co/BjzktQcAkJ https://t.co/ycrD1r0vjk https://t.co/QJZRAVqub3 https://securelist.com/blog/research/70504/the-mystery-of-duqu-2-0-a-sophisticated-cyberespionage-actor-returns/ https://securelist.com/files/2015/06/The_Mystery_of_Duqu_2_0_a_sophisticated_cyberespionage_actor_returns.pdf https://securelist.com/files/2015/06/7c6ce6b6-fee1-4b7b-b5b5-adaff0d8022f.ioc https://twitter.com/cyb3rops/status/608600416188821504 http://t.co/UryX9Q7PdX http://community.websense.com/blogs/securitylabs/archive/2015/06/10/large-malvertizing-campaign-leads-to-angler-ek-amp-bunitu-malware.aspx https://twitter.com/cyb3rops/status/608577937684729856 http://t.co/nT4oXNmnnq 
http://seclist.us/updates-medusa-v-2-2rc2-is-a-speedy-parallel-and-modular-login-brute-forcer.html https://twitter.com/cyb3rops/status/608511631002365952 http://t.co/MqrRle9r62 http://blogs.technet.com/b/mmpc/archive/2015/06/09/windows-10-to-offer-application-developers-new-malware-defenses.aspx https://twitter.com/cyb3rops/status/608384069773217794 http://t.co/CtCCuGxPoK http://seclist.us/gcat-a-fully-featured-backdoor-that-uses-gmail-as-a-cc-server.html https://twitter.com/cyb3rops/status/608380282312531969 http://t.co/nq9H6egHvm https://t.co/gRqaNU6PaB http://www.fidelissecurity.com/sites/default/files/FTA_1017_Phishing_in_Plain_Sight-Body-FINAL.pdf https://github.com/Neo23x0/Loki/commit/8859cee99fea91d748549a710cb737a432deea18 https://twitter.com/cyb3rops/status/608358613644673024 http://t.co/u2T4pnYpu0 http://researchcenter.paloaltonetworks.com/2015/06/palo-alto-networks-researcher-discovers-3-critical-internet-explorer-vulnerabilities-2/ https://twitter.com/cyb3rops/status/608348270495186945 https://twitter.com/cyb3rops/status/608339083698556929 https://twitter.com/cyb3rops/status/608337666887839746 https://twitter.com/cyb3rops/status/608335562618097665 https://t.co/ntoIvgJboa https://technet.microsoft.com/en-us/library/security/MS15-062 https://twitter.com/cyb3rops/status/608335464110694400 https://t.co/CKOioyVkm0 https://technet.microsoft.com/en-us/library/security/MS15-060 https://twitter.com/cyb3rops/status/608326319533920256 http://t.co/jowfqVLMeJ http://www.threatgeek.com/2015/06/fidelis-threat-advisory-1017-phishing-in-plain-sight.html https://twitter.com/cyb3rops/status/608325653214162944 https://t.co/e64hww5ymy https://www.f-secure.com/weblog/archives/00002816.html https://twitter.com/cyb3rops/status/608324515207254016 http://t.co/TJEjLIHjAE http://blog.checkpoint.com/2015/06/09/new-data-volatile-cedar/ https://twitter.com/cyb3rops/status/608324165834309632 https://t.co/H4T8PZ96lF https://isc.sans.edu/diary.html?storyid=19779&rss 
https://twitter.com/cyb3rops/status/608323902482358272 http://t.co/0uwHBnYw9d http://seclist.us/oracle-evil-cursor-injection-exploit.html https://twitter.com/cyb3rops/status/608251685237084160 http://t.co/2tecUOX5JQ http://resources.infosecinstitute.com/reverse-engineering-of-embedded-devices/ https://twitter.com/cyb3rops/status/608228147646054400 http://t.co/te0QvjXdDW http://seclist.us/scanner-inurlbr-php-script-to-exploit-get-post-capturing-emails-urls.html https://twitter.com/cyb3rops/status/608181316983615488 https://t.co/fdCdIjBaZR https://t.co/qDNQ2tRp3y https://www.virustotal.com/en/file/d8fdde5aff8fb254a945eec557009e1a1e6c320d1a83b8c81e218e756fba334c/analysis/ https://www.virustotal.com/en/file/9187fac9641b8eae84b07bb98358cd21a2c739981981f969e77dbd809c716885/analysis/ https://twitter.com/cyb3rops/status/608171147562258434 http://t.co/LSfQsU98u6 http://www.kitploit.com/2015/06/proxenet-hacker-friendly-proxy-for-web.html https://twitter.com/cyb3rops/status/608171090448400385 http://t.co/WX2YNOUStH http://seclist.us/remotewritemonitor-a-tool-to-help-malware-analysts-tell-that-the-sample-is-injecting-code-into-other-process.html https://twitter.com/cyb3rops/status/608170939826749441 http://t.co/rlq7y9ApO6 http://seclist.us/rabidsqrl-is-an-sql-injection-attack-tool.html https://twitter.com/cyb3rops/status/608169847378354176 http://t.co/U3SeX1y8up http://blog.trendmicro.com/trendlabs-security-intelligence/poc-shows-mac-os-x-uefi-attacks-are-possible-what-does-this-mean-for-mac-users/ https://twitter.com/cyb3rops/status/608169748749238273 http://t.co/DXr5EqoPhV http://securityintelligence.com/tinba-worlds-smallest-malware-has-big-bag-of-nasty-tricks/ https://twitter.com/cyb3rops/status/608021971071324160 https://t.co/7xFTciPyPB https://www.google.com/ideas/products/project-shield/?ref=producthunt https://twitter.com/cyb3rops/status/607993168450027520 http://t.co/ldUsnQU6oJ http://www.fuzzysecurity.com/tutorials/expDev/6.html 
https://twitter.com/cyb3rops/status/607985768318038016 http://t.co/Wg6gFmflIF http://malware.dontneedcoffee.com/2015/06/fast-look-at-sundown-ek.html https://twitter.com/cyb3rops/status/607980754702876672 http://t.co/VkdGqqpqbS http://www.darknet.org.uk/2015/06/patator-multi-threaded-service-url-brute-forcing-tool/ https://twitter.com/cyb3rops/status/607948214495346688 https://t.co/z4kfHMnipy https://media.blackhat.com/us-13/US-13-Yarochkin-In-Depth-Analysis-of-Escalated-APT-Attacks-Slides.pdf https://twitter.com/cyb3rops/status/607943153560125440 http://t.co/qAKfP8sl62 https://t.co/awhdYI1NkO http://carlosrafaelgn.com.br/Asm86/ https://twitter.com/binitamshah/status/607938228511870977 https://twitter.com/cyb3rops/status/607897380189532160 http://t.co/AoFTec5I5Y http://securityaffairs.co/wordpress/37612/cyber-crime/malumpos-pos-malware.html https://twitter.com/cyb3rops/status/607869184706494465 https://twitter.com/cyb3rops/status/607854194326802432 http://t.co/DbWLX7RyRe http://www.fuzzysecurity.com/tutorials/18.html https://twitter.com/cyb3rops/status/607853628104314882 https://twitter.com/cyb3rops/status/607846982569238528 http://t.co/zUIGlfEcVz http://blogs.citrix.com/2013/09/22/citrix-consolidated-list-of-antivirus-exclusions/ https://twitter.com/cyb3rops/status/607797416578936833 http://t.co/fHDqiidaCI http://seclist.us/updates-slither-python-web-attack-framework.html https://twitter.com/cyb3rops/status/607797195958571008 http://t.co/Dg56WN2EC0 http://www.kitploit.com/2015/06/the-exploit-database-git-repository.html https://twitter.com/cyb3rops/status/607627747213602816 https://twitter.com/cyb3rops/status/607625661646303232 http://t.co/nKlOCuu6NI http://seclist.us/updates-3viltwinattacker-v-0-5-9-framework-for-eviltwin-attacks.html https://twitter.com/cyb3rops/status/607544485103476737 http://t.co/GscaMAELpP http://seclist.us/perlbackdoor-a-advanced-perl-backdoor.html https://twitter.com/cyb3rops/status/607544243956162560 http://t.co/Oduk5JcOvP 
http://seclist.us/updates-mitmproxy-v-0-12-1-is-an-interactive-ssl-capable-man-in-the-middle-proxy-for-http-with-a-console-interface.html https://twitter.com/cyb3rops/status/607306933469646848 http://t.co/l8fK2eiZ4g http://seclist.us/updates-arachni-v-2-0-dev-1-0-web-application-security-scanner-framework.html https://twitter.com/cyb3rops/status/607214773235793920 http://t.co/M0vWZ08nvq http://www.kitploit.com/2015/06/chromepass-chrome-browser-password.html https://twitter.com/cyb3rops/status/607196480395464705 http://t.co/BcqrZCGChq http://securityaffairs.co/wordpress/37594/cyber-crime/eataly-nyc-data-breach.html https://twitter.com/cyb3rops/status/607088797860380674 http://t.co/4cDKvvTGhN https://t.co/XoiKB1lTys http://pastebin.com/m9ja3Fhe https://www.virustotal.com/en/file/d253d99e3da314321eea833e553f784f1a6f18daff649e0a1818135753f292de/analysis/ https://twitter.com/cyb3rops/status/607069197965901825 http://t.co/oHQMhC7Gz7 http://seclist.us/vbscript-obfuscation-to-allow-pentesters-bypass-countermeasures.html https://twitter.com/cyb3rops/status/606962236955983872 http://t.co/xSKI9RaBoH http://www.libertarianism.org/columns/libertarian-views-intellectual-property-rothbard-tucker-spooner-rand https://twitter.com/cyb3rops/status/606957835650494464 http://t.co/9opisYumnb http://www.darknet.org.uk/2015/06/shadow-daemon-web-application-firewall/ https://twitter.com/cyb3rops/status/606957371236220928 http://t.co/TLI4HKMWEd http://jessekornblum.livejournal.com/295999.html https://twitter.com/cyb3rops/status/606957276247826433 http://t.co/qCZKKpgx9e http://www.kitploit.com/2015/06/bypasswaf-burp-plugin-to-bypass-some.html https://twitter.com/cyb3rops/status/606936215074557952 http://t.co/nMzTkZeQYu http://blog.trendmicro.com/trendlabs-security-intelligence/trend-micro-discovers-malumpos-targets-hotels-and-other-us-industries/ https://twitter.com/cyb3rops/status/606902289278844928 http://t.co/fDxSR8lsYJ 
http://www.kitploit.com/2015/06/sqlipy-plugin-for-burp-suite-that.html https://twitter.com/cyb3rops/status/606890580690485248 http://t.co/ZkcACneQsi http://blog.malwarebytes.org/online-security/2015/06/fake-ups-email-leads-to-nikola-tesla-and-bifilar-coils/ https://twitter.com/cyb3rops/status/606890534095978496 http://t.co/fZ3CLwQbzp http://blogs.cisco.com/security/talos/resume-spam-cryptowall https://twitter.com/cyb3rops/status/606890315698569217 http://t.co/M8Psu3ac1t http://seclist.us/updates-honeybadger-v-05062015-tcp-attack-inquisitor-and-0-day-catcher.html https://twitter.com/cyb3rops/status/606890258979037184 http://t.co/SHqiNfuy8m http://seclist.us/mod_wallz-and-web-firewall-released.html https://twitter.com/cyb3rops/status/606890211667283968 http://t.co/11eG8dbPUj http://blog.checkpoint.com/2015/05/27/captipper-malicious-http-traffic-explorer/ https://twitter.com/cyb3rops/status/606807734034571264 http://t.co/R7MJ9l457y http://blogs.cisco.com/security/talos/angler-update https://twitter.com/cyb3rops/status/606788607429505024 http://t.co/Twihg3z8DS http://ddecode.com/phpdecoder/ https://twitter.com/cyb3rops/status/606774693614501888 http://t.co/c3BH8B0GOU http://securityaffairs.co/wordpress/37552/cyber-crime/cryptowall-3-0-campaign.html https://twitter.com/cyb3rops/status/606719454240776193 https://t.co/hlk9XI44R1 https://twitter.com/kaspersky/status/606577496071487490 https://twitter.com/cyb3rops/status/606601625789169664 http://t.co/UvTUilc9IX http://researchcenter.paloaltonetworks.com/2015/06/keybase-keylogger-malware-family-exposed/ https://twitter.com/cyb3rops/status/606554645096329219 http://t.co/OQxBNPVFsm http://en.m.wikipedia.org/wiki/Rubicon https://twitter.com/cyb3rops/status/606554110796558337 http://t.co/BI805CtdOC http://research.zscaler.com/2015/06/signed-cryptowall-30-variant-delivered.html https://twitter.com/cyb3rops/status/606532323530678273 http://t.co/lznJLL2gS4 
http://seclist.us/updates-parrot-2-0rc6-is-a-cloud-friendly-operating-system-designed-for-pentesting-computer-forensic.html https://twitter.com/cyb3rops/status/606528595520012288 http://t.co/zTUTzR9ZA1 http://seclist.us/updates-vectorattackscanner-a-tool-to-search-vulnerable-points-to-attack.html https://twitter.com/cyb3rops/status/606478209874575360 https://twitter.com/cyb3rops/status/606475831154757632 https://twitter.com/cyb3rops/status/606460292940374017 http://t.co/ZCI9UuJhq4 http://securityintelligence.com/detecting-and-analyzing-kernel-based-malware/ https://twitter.com/cyb3rops/status/606418769074880512 http://t.co/w5IJYxDmj0 http://securityblog.gr/2724/scan-running-processes-for-unsigned-dlls/ https://twitter.com/cyb3rops/status/606399863576784896 https://twitter.com/cyb3rops/status/606396121481674752 https://twitter.com/cyb3rops/status/606395426317733890 https://t.co/VVqnGnteb3 https://github.com/Neo23x0/Loki https://twitter.com/cyb3rops/status/606358589335326720 https://t.co/JNa6FnM3wv https://nmap.org/changelog.html https://twitter.com/cyb3rops/status/606349914516430848 https://t.co/XCU87lp60p https://isc.sans.edu/diary.html?storyid=19763&rss https://twitter.com/cyb3rops/status/606349783314350080 http://t.co/qT7lAUtIop http://blog.checkpoint.com/2015/05/29/wipe-leaves-crumbs-android-app-tampering-sms-iphone-crash-mobile-security-weekly/ https://twitter.com/cyb3rops/status/606349166760087552 http://t.co/SopODnSSQ7 http://digital-forensics.sans.org/blog/2015/06/04/new-windows-forensics-evidence-of-poster-released https://twitter.com/cyb3rops/status/606348961734082560 http://t.co/JJLRP7Q2m8 http://seclist.us/updates-lynis-v-2-1-0-is-a-system-and-security-auditing-tool-for-unixlinux.html https://twitter.com/cyb3rops/status/606212919148310528 https://t.co/6nQiBi3gRf https://t.co/CAYs6cUFT0 https://github.com/kevthehermit/dc-toolkit https://techanarchy.net/?attachment_id=836 https://twitter.com/cyb3rops/status/606179687396724737 http://t.co/SQYvpuMJUW 
http://www.kitploit.com/2015/06/web-security-dojo-training-environment.html https://twitter.com/cyb3rops/status/606179627674005505 http://t.co/VMnirnXKdm http://www.darknet.org.uk/2015/06/openssh-on-windows-its-happening/ https://twitter.com/cyb3rops/status/606118730993684481 http://t.co/czERWAyF1A http://phishme.com/disrupting-an-adware-serving-skype-botnet/ https://twitter.com/cyb3rops/status/606097976323416065 http://t.co/8WqX9aSawt http://securityaffairs.co/wordpress/37468/cyber-crime/global-phishing-survey-2h2014.html https://twitter.com/cyb3rops/status/606083837223936001 http://t.co/GBcriUZBI3 http://blog.malwarebytes.org/online-security/2015/06/download-virus-email-comes-with-a-twist/ https://twitter.com/cyb3rops/status/606083742738874369 http://t.co/xQ1cC9ddHt http://blogs.msdn.com/b/looking_forward_microsoft__support_for_secure_shell_ssh1/archive/2015/06/02/managing-looking-forward-microsoft-support-for-secure-shell-ssh.aspx https://twitter.com/cyb3rops/status/606046464356294657 https://t.co/xz8EiDT3v5 https://blog.obdev.at/post/introducing-micro-snitch/ https://twitter.com/cyb3rops/status/606046190606630912 http://t.co/gN2dFu83gH http://nakedsecurity.sophos.com/2015/06/03/android-m-will-give-app-users-a-lot-better-control-over-their-data-privacy https://twitter.com/cyb3rops/status/605852765013708800 https://twitter.com/cyb3rops/status/605832708267196417 http://t.co/nr8RYfjPfk http://seclist.us/brutex-automatically-brute-force-all-services-running-on-a-target.html https://twitter.com/cyb3rops/status/605815317256806401 http://t.co/kbdMVacugJ http://gitup.co/?ref=producthunt https://twitter.com/cyb3rops/status/605811575769853952 http://t.co/hZ6CbVlZZr http://seclist.us/badger-the-swiss-army-knife-for-windows-exploit-development.html https://twitter.com/cyb3rops/status/605787690995322880 http://t.co/WNfD2DHdXE http://blog.checkpoint.com/2015/06/02/new-vulnerabilities-discovered-in-wordpress/ https://twitter.com/cyb3rops/status/605762249089777665 
http://t.co/dFAp7QKgTD http://securityaffairs.co/wordpress/37439/malware/rombertik-sample-nigeria-link.html https://twitter.com/cyb3rops/status/605754597420990464 http://t.co/Dr9LiRZS3W http://securityblog.gr/2709/scan-windows-for-suspicious-executable-images/ https://twitter.com/cyb3rops/status/605627497368141824 https://t.co/LiqB5cELAz https://github.com/docker/docker-bench-security https://twitter.com/cyb3rops/status/605611365181624320 http://t.co/JZVSEICXTI http://www.kitploit.com/2015/06/pixiewps-bruteforce-offline-wps-pin.html https://twitter.com/cyb3rops/status/605611291961618432 http://t.co/3xicpBoHvK http://seclist.us/router-exploitation-toolkit-rext.html https://twitter.com/cyb3rops/status/605507398200111104 http://t.co/LotNhNtiMN http://blog.crowdstrike.com/rhetoric-foreshadows-cyber-activity-in-the-south-china-sea/ https://twitter.com/cyb3rops/status/605484700854034432 http://t.co/WBjTL0WOXv http://researchcenter.paloaltonetworks.com/2015/06/understanding-flash-exploitation-and-the-alleged-cve-2015-0359-exploit/ https://twitter.com/cyb3rops/status/605465533178388480 http://t.co/WYRUbwEr5L http://securityintelligence.com/organizations-ramp-up-on-nosql-databases-but-what-about-security/ https://twitter.com/cyb3rops/status/605462953975005185 http://t.co/ihM0JHr1Zn http://seclist.us/updates-rop-tool-v-2-3-a-tool-to-help-you-write-binary-exploits.html https://twitter.com/cyb3rops/status/605446369617297408 http://t.co/QEIP14x1Cl http://seclist.us/updates-rips-v-0-5-5-released-a-static-source-code-analyser-for-vulnerabilities-in-php-scripts.html https://twitter.com/cyb3rops/status/605446178755473408 http://t.co/oYdW6anRae http://blog.checkpoint.com/2015/06/01/troldesh-new-ransomware-from-russia/ https://twitter.com/cyb3rops/status/605442492637552641 https://t.co/P7RzTAe0T0 https://gist.github.com/ https://twitter.com/cyb3rops/status/605324084474482688 http://t.co/DAaHjDssUj http://www.net-security.org/review.php?id=345 
https://twitter.com/cyb3rops/status/605323956011339776 http://t.co/xIKL6LDa9J http://nakedsecurity.sophos.com/2015/06/01/thousands-of-sites-block-and-redirect-congress-to-patriot-act-protest-page https://twitter.com/cyb3rops/status/604982797510541312 http://t.co/QdFwNwTo1M http://www.engadget.com/2015/05/29/weaponizing-code/ https://twitter.com/cyb3rops/status/604973807074455552 https://t.co/98DYLFZCSS https://isc.sans.edu/diary.html?storyid=19749&rss https://twitter.com/cyb3rops/status/604954457806413824 http://t.co/foXZ3wW236 http://seclist.us/tlscan-pure-python-ssltls-protocol-and-cipher-scannerenumerator.html https://twitter.com/cyb3rops/status/604929792509640704 http://t.co/4jOydjk3tQ http://www.kitploit.com/2015/05/ashttp-shell-command-to-expose-any.html https://twitter.com/cyb3rops/status/604884831114248192 http://t.co/vQTEFJo92r http://seclist.us/event_sniffer-linux-keylogger-based-on-devinputevent-devices.html https://twitter.com/cyb3rops/status/604780761942781953 http://t.co/Gb5GojYGu1 http://securityaffairs.co/wordpress/37346/cyber-crime/locker-ransomware-db-dump.html https://twitter.com/cyb3rops/status/604779992430592002 https://t.co/uWu6LZyVoq https://twitter.com/dotMudge/status/604489000041091072 https://twitter.com/cyb3rops/status/604752660558934017 https://t.co/qEwXGY970V https://twitter.com/axcheron/status/604697234077302784 https://twitter.com/cyb3rops/status/604751392151093248 http://t.co/glc9ilPWxM http://www.darknet.org.uk/2015/05/owasp-zed-attack-proxy-integrated-penetration-testing-tool/ https://twitter.com/cyb3rops/status/604646233764970497 http://t.co/YpGSEcBtpp http://seclist.us/updates-veil-evasion-v-2-20-1-is-a-tool-designed-to-generate-metasploit-payloads-that-bypass-common-anti-virus-solutions.html https://twitter.com/cyb3rops/status/604646096346988544 http://t.co/KCaSJ8JfNi http://www.kitploit.com/2015/05/plecost-wordpress-vulnerabilities-finder.html https://twitter.com/cyb3rops/status/604646052424228864 http://t.co/SJhwRoRqEQ 
http://securityaffairs.co/wordpress/37325/malware/locker-ransomware-analysis.html https://twitter.com/cyb3rops/status/604565576732798976 http://t.co/qQdn8u7RWY http://seclist.us/exploit-suggester-it-focusses-for-local-exploitation-on-sun-solaris-machine.html https://twitter.com/cyb3rops/status/604549673383276545 http://t.co/CxRLTzXZXa http://www.threatglass.com/ https://twitter.com/cyb3rops/status/604434917238435840 https://twitter.com/cyb3rops/status/604386828356096000 https://t.co/3jHdK0cG00 https://blogs.mcafee.com/mcafee-labs/when-hackers-get-hacked-the-malware-servers-of-a-data-stealing-campaign https://twitter.com/cyb3rops/status/604321779910365184 https://t.co/sYKTIZnsVI https://securelist.com/blog/opinions/70149/lessons-learned-from-flame-three-years-later/ https://twitter.com/cyb3rops/status/604283196444971010 https://t.co/JWh588BRg9 https://twitter.com/GlassWireLabs/status/604276009999802369 https://twitter.com/cyb3rops/status/604281367476736001 http://t.co/JnGHTC53pe http://securityblog.gr/2692/list-symbols-from-binary-files/ https://twitter.com/cyb3rops/status/604263053488734208 https://t.co/YFP7VP9ZYe https://twitter.com/KevTheHermit/status/604254299506479104 https://twitter.com/cyb3rops/status/604192153376530432 http://t.co/mPWJGX7gZD http://seclist.us/medusa-v-2-2rc1-released-is-a-speedy-parallel-and-modular-login-brute-forcer.html https://twitter.com/cyb3rops/status/604191979153575936 https://t.co/QwNZfFwArd https://hiddencodes.wordpress.com/2015/05/29/angler-exploit-kit-breaks-referer-chain-using-https-to-http-redirection/ https://twitter.com/cyb3rops/status/604034838560141312 http://t.co/9OfvPfp9Ob http://blog.malwarebytes.org/fraud-scam/2015/05/keygen-capers-and-suurgle-surveys/ https://twitter.com/cyb3rops/status/603983612086788096 https://twitter.com/cyb3rops/status/603980458246942720 https://t.co/FJyAi1XBK7 https://twitter.com/GelosSnake/status/603958413845012481 https://twitter.com/cyb3rops/status/603978612660903936 http://t.co/M06ekE7qNx 
http://blog.malwarebytes.org/online-security/2015/05/secure-boot/ https://twitter.com/cyb3rops/status/603978503785156609 http://t.co/mNGAGqnsEL http://seclist.us/hacksys-extreme-vulnerable-driver.html https://twitter.com/cyb3rops/status/603978013932412929 http://t.co/i9WstwUc3b http://blog.malwarebytes.org/exploits-2/2015/05/unusual-exploit-kit-targets-chinese-users-part-1/ https://twitter.com/cyb3rops/status/603956215329193984 http://t.co/2BAiA0ExG3 http://researchcenter.paloaltonetworks.com/2015/05/the-latest-flash-uaf-vulnerabilities-in-exploit-kits/ https://twitter.com/cyb3rops/status/603955899233923072 http://t.co/R5As3OpK4z http://windowsir.blogspot.com/2015/05/detecting-lateral-movement.html https://twitter.com/cyb3rops/status/603955348760875009 http://t.co/ZtWpUrcqVY http://securityintelligence.com/proactive-threat-hunting-and-memory-forensics-against-rombertik/ https://twitter.com/cyb3rops/status/603944660764090368 https://twitter.com/cyb3rops/status/603914648451153920 https://t.co/CTynF004Ft https://t.co/sCB2SGCAwk https://www.trustwave.com/Resources/SpiderLabs-Blog/Malicious-Macros-Evades-Detection-by-Using-Unusual-File-Format/# https://github.com/Neo23x0/Loki/blob/master/signatures/general_officemacros.yar#L26 https://twitter.com/cyb3rops/status/603862922452967424 https://t.co/QeOR8BXg62 https://twitter.com/mfeferman/status/603667591131885568 https://twitter.com/cyb3rops/status/603812503047516160 http://t.co/LGE2jhnMjw http://www.kitploit.com/2015/05/inurlbr-advanced-search-in-multiple.html https://twitter.com/cyb3rops/status/603812234733690880 https://t.co/kGvMiXzxRt https://securelist.com/blog/research/70087/grabit-and-the-rats/ https://twitter.com/cyb3rops/status/603810553576972288 http://t.co/CBHx4rZe6H http://blog.trendmicro.com/trendlabs-security-intelligence/trend-micro-discovers-apache-vulnerability-that-allows-one-click-modification-of-android-apps/ https://twitter.com/cyb3rops/status/603446533485436928 
https://twitter.com/cyb3rops/status/603328336128045056 http://t.co/3eur75mziZ http://seclist.us/updates-voldiff-malware-memory-footprint-analysis.html https://twitter.com/cyb3rops/status/603328217345294337 http://t.co/xu6KgoV4iF http://www.kitploit.com/2015/05/ws-attacker-modular-framework-for-web.html https://twitter.com/cyb3rops/status/603327402991816705 http://t.co/kZDbPgalcn http://code.kliu.org/hashcheck/ https://twitter.com/cyb3rops/status/603310607169933312 https://t.co/9hxA5mgsOO https://twitter.com/richardhicks/status/603288199230824448 https://twitter.com/cyb3rops/status/603296460613033987 https://twitter.com/cyb3rops/status/603292550666055682 https://twitter.com/cyb3rops/status/603292271388295168 https://twitter.com/cyb3rops/status/603286383915094017 https://twitter.com/cyb3rops/status/603284498122407936 http://t.co/I0kY99Nhs1 http://blog.malwarebytes.org/fraud-scam/2015/05/tech-support-scammers-go-for-pornographic-shocker/ https://twitter.com/cyb3rops/status/603284111390806016 http://t.co/FkqwHkCNxC http://blog.trendmicro.com/trendlabs-security-intelligence/attack-of-the-solo-cybercriminals-frapstar-in-canada/ https://twitter.com/cyb3rops/status/603283818922016768 http://t.co/zUkERY2DRW http://www.fireeye.com/blog/threat-research/2015/05/the_teenage_mutantm.html https://twitter.com/cyb3rops/status/603283510040928256 http://t.co/tZ92RT6LaG https://t.co/ObqQIPvG1G http://errorcontent.com https://isc.sans.edu/diary.html?storyid=19733&rss https://twitter.com/cyb3rops/status/603279943401918464 https://twitter.com/cyb3rops/status/603224081123713024 http://t.co/hTS4LwOdfZ http://www.welivesecurity.com/2015/05/26/dissecting-linuxmoose/ https://twitter.com/cyb3rops/status/603184961869459456 http://t.co/zjryEat0do http://seclist.us/vdiscover-a-tool-to-predict-vulnerability-discovery-of-binary-only-programs.html https://twitter.com/cyb3rops/status/603184724274716672 http://t.co/7wEcPktnRk http://securityintelligence.com/https-visualization-with-hviz/ 
https://twitter.com/cyb3rops/status/603121484672987136 https://t.co/aWJgkpJOlA https://github.com/Neo23x0/Loki/blob/master/loki.py#L223 https://twitter.com/cyb3rops/status/603095280976801792 http://t.co/8yew3QQwyD http://blog.erratasec.com/2015/05/this-is-how-we-get-ants.html https://twitter.com/cyb3rops/status/602942445685481472 http://t.co/lhQ4AxLyx8 http://seclist.us/linux-backdoor-implementation-written-in-python.html https://twitter.com/cyb3rops/status/602909593136693250 http://t.co/xwiAiEHLrr http://www.darknet.org.uk/2015/05/zzuf-multi-purpose-application-input-fuzzing-tool/ https://twitter.com/cyb3rops/status/602865610574405632 http://t.co/d4s1IILh06 http://seclist.us/scepwn-ng-a-winexepsexec-wrapper-to-use-sce-and-a-msfvenom-generated-payload-on-a-target-system.html https://twitter.com/cyb3rops/status/602772550515580928 http://t.co/YODULbq3wK http://malware.dontneedcoffee.com/2015/05/on-other-side-of-ctb-locker-affiliate.html https://twitter.com/cyb3rops/status/602619557417775105 http://t.co/ogGJsby0Ud http://middleeastmalware.blogspot.com/2015/05/cyber-attack-16.html https://twitter.com/cyb3rops/status/602618633223802880 http://t.co/YVtfP8fMie http://seclist.us/lightaidra-irc-based-mass-router-scanner-exploiter.html https://twitter.com/cyb3rops/status/602578268433326080 http://t.co/jf8NbKIqQC http://blog.malwarebytes.org/security-threat/2015/05/fake-adblocker-bylekh-is-an-lsp-hijacker/ https://twitter.com/cyb3rops/status/602503688666619904 http://t.co/WdsV0X2crf http://we.tl/8pPFsQc0T4 https://twitter.com/cyb3rops/status/602469059897249792 https://t.co/YLP9IZlnxT https://github.com/Neo23x0/Loki/blob/master/signatures/crime_cryptowall_svg.yar https://twitter.com/cyb3rops/status/602439550288396288 http://t.co/6KHEGWXGhN http://securityaffairs.co/wordpress/37112/cyber-crime/the-phantom-menace.html https://twitter.com/cyb3rops/status/602439230795718656 http://t.co/rBI50OD0rX http://seclist.us/ufonet-v0-5b-invasion-released-ddos-attacks-via-web-abuse.html 
https://twitter.com/cyb3rops/status/602354210588459008 http://t.co/WKPmMnoiX4 http://www.darknet.org.uk/2015/05/web-security-dojo-2-0-self-contained-web-hacking-training/ https://twitter.com/cyb3rops/status/602354137183997952 https://t.co/vXKUPzc3K7 https://blogs.mcafee.com/mcafee-labs/meet-tox-ransomware-for-the-rest-of-us https://twitter.com/cyb3rops/status/602240337009061888 https://t.co/st6cr1fVFv https://clearlinux.org/ https://twitter.com/cyb3rops/status/602196827543379971 http://t.co/0fRd9h4Hb0 http://seclist.us/owasp-webgoat-benchmark-edition-wbe-v-1-1-released.html https://twitter.com/cyb3rops/status/602196717224726528 http://t.co/DiNcvjbOzj http://www.fireeye.com/blog/threat-research/2015/05/nitlovepos_another.html https://twitter.com/cyb3rops/status/602086937650946049 https://t.co/vhJNkxGsid https://twitter.com/binitamshah/status/602068312181223424 https://twitter.com/cyb3rops/status/602032497015300096 http://t.co/OHW4pBe3d5 http://seclist.us/updates-o-saft-v-15-05-15-owasp-ssl-audit-for-testers-owasp-ssl-advanced-forensic-tool.html https://twitter.com/cyb3rops/status/601995469691191296 https://t.co/kx1kUKbt8a https://twitter.com/binitamshah/status/601905667843051520 https://twitter.com/cyb3rops/status/601993577825206272 http://t.co/GkvsrHGgoe http://www.kitploit.com/2015/05/smartty-multi-tabbed-ssh-client-with.html https://twitter.com/cyb3rops/status/601993459856252928 http://t.co/2ps5Ds9fFI http://www.kitploit.com/2015/05/ftpmap-ftp-scanner-in-c.html https://twitter.com/cyb3rops/status/601855221933932544 http://t.co/P7DHAqH3Sl http://seclist.us/kbdlogd-a-simple-keylogger-that-uses-devinput-device-as-source.html https://twitter.com/cyb3rops/status/601825323194437632 https://t.co/Zl6tTfZVN7 https://twitter.com/_devonkerr_/status/601793991923933184 https://twitter.com/cyb3rops/status/601822217404588032 http://t.co/WyPJXGeWlU http://seclist.us/updates-mitmf-v-0-9-7-framework-for-man-in-the-middle-attacks.html 
https://twitter.com/cyb3rops/status/601806423371227136 http://t.co/jBaRogBhlj http://securityaffairs.co/wordpress/37059/malware/svg-files-serve-malware.html https://twitter.com/cyb3rops/status/601728410214359040 https://twitter.com/cyb3rops/status/601727962518552576 https://twitter.com/cyb3rops/status/601721835995136002 https://t.co/hUJY9cVNHu https://blog.gdatasoftware.com/blog/article/the-av-community-mourns-for-professor-klaus-brunnstein.html https://twitter.com/cyb3rops/status/601721336277393408 http://t.co/lKp1nMpQ7d http://blog.trendmicro.com/trendlabs-security-intelligence/joke-or-blunder-carbanak-cc-leads-to-russia-federal-security-service/ https://twitter.com/cyb3rops/status/601666949391716352 http://t.co/bRuoS24erv http://www.net-security.org/secworld.php?id=18416 https://twitter.com/cyb3rops/status/601651771384197120 http://t.co/KIZI3PrGUV http://securityaffairs.co/wordpress/37045/cyber-crime/ransomware-removal-kit.html https://twitter.com/cyb3rops/status/601624649781379072 http://t.co/KBAe9Ar6bv http://seclist.us/pambd-small-and-fast-solution-to-create-a-undetectable-backdoor-through-the-pam-module.html https://twitter.com/cyb3rops/status/601484472438136834 http://t.co/agk8aDZmDz http://www.kitploit.com/2015/05/shellcheck-automatically-detects.html https://twitter.com/cyb3rops/status/601464112195862528 https://t.co/rMfyRa1Gpi https://soundcloud.com/florian-roth-10/master-control-program-mix https://twitter.com/cyb3rops/status/601462819599437829 http://t.co/GoHlbJqWpk http://somafm.com/defcon/ https://twitter.com/cyb3rops/status/601434864332582914 http://t.co/lTXin1zzqN http://www.pcworld.com/article/2925084/nsa-planned-to-hijack-google-play-store-samsung-app-store-to-deliver-malware.html https://twitter.com/cyb3rops/status/601432442206081024 https://t.co/viXtbVg4pb https://github.com/MITRECND/multiscanner https://twitter.com/cyb3rops/status/601387539933593601 https://twitter.com/cyb3rops/status/601379325422764032 https://t.co/4I1ED0gwbK 
https://www.blueliv.com/research/performing-automated-yara-qa-with-cuckoo/ https://twitter.com/cyb3rops/status/601287541833211904 http://t.co/iSn9sJLhMx http://lcamtuf.blogspot.com/2015/05/lesser-known-features-of-afl-fuzz.html https://twitter.com/cyb3rops/status/601287052357967872 https://twitter.com/cyb3rops/status/601260491411988480 http://t.co/i9ntBaL07Q http://krebsonsecurity.com/2015/05/mspy-denies-breach-even-as-customers-confirm-it/ https://twitter.com/cyb3rops/status/601260339980857344 http://t.co/p3stgOvJbB http://seclist.us/dirs3arch-https-directoryfile-brute-forcer.html https://twitter.com/cyb3rops/status/601259830851063808 https://t.co/al4yupLlch https://github.com/XiphosResearch/exploits/blob/master/README.md https://twitter.com/cyb3rops/status/601258511423660032 http://t.co/ApvjVdQ90y http://seclist.us/wpa-attack-extremly-simple-script-that-can-be-used-to-crack-wpa-network-password.html https://twitter.com/cyb3rops/status/601108770874331136 http://t.co/1dlXygQavQ http://research.zscaler.com/2015/05/rig-exploit-kit-infection-cycle-analysis.html https://twitter.com/cyb3rops/status/601108255570530304 https://twitter.com/cyb3rops/status/601106781583073280 http://t.co/w5gAlaHqw4 http://www.kitploit.com/2015/05/securitysoftview-displays-antivirus.html https://twitter.com/cyb3rops/status/601064597404164096 http://t.co/nxSviGSrBx http://blog.checkpoint.com/2015/05/20/storm-kit-changing-the-rules-of-the-ddos-attack/ https://twitter.com/cyb3rops/status/600907394936393728 https://t.co/34QcwQIxSU https://twitter.com/helpnetsecurity/status/600903902326841344 https://twitter.com/cyb3rops/status/600898903337205760 http://t.co/n0JNdTXxFb http://krebsonsecurity.com/2015/05/security-firm-redefines-apt-african-phishing-threat/ https://twitter.com/cyb3rops/status/600882432208932865 https://t.co/1Q4D6qifX4 https://blogs.mcafee.com/mcafee-labs/krakenlaziok-http-bot-controls-victims-with-remote-admin-tool https://twitter.com/cyb3rops/status/600882334490046464 
https://t.co/9fgVgSo2dk https://isc.sans.edu/diary.html?storyid=19717&rss https://twitter.com/cyb3rops/status/600730136791617536 http://t.co/HDRjMqM5pr http://securityblog.gr/2628/browse-and-query-wmi/ https://twitter.com/cyb3rops/status/600729582346592256 http://t.co/cjI4v3767G http://seclist.us/arpy-is-an-easy-to-use-arp-spoofing-mitm-tool.html https://twitter.com/cyb3rops/status/600633932963516416 http://t.co/ghlwQvEfU0 http://blog.trendmicro.com/trendlabs-security-intelligence/1q-2015-security-roundup-bad-ads-and-zero-days-reemerging-threats-challenge-trust-in-supply-chains-and-best-practices/ https://twitter.com/cyb3rops/status/600632675469144064 https://twitter.com/cyb3rops/status/600540939396980737 https://twitter.com/cyb3rops/status/600519327243173888 http://t.co/x3hw8uvdfj http://researchcenter.paloaltonetworks.com/2015/05/cmstar-downloader-lurid-and-enfals-new-cousin/ https://twitter.com/cyb3rops/status/600417335598514176 http://t.co/Yg8wSY4ZQt http://seclist.us/updates-windows-exploit-suggester-revision-v-2-5.html https://twitter.com/cyb3rops/status/600416861835124737 http://t.co/5lydvjPFzK http://seclist.us/attacksible-ansible-provisioned-security-testing-platform.html https://twitter.com/cyb3rops/status/600416618884173826 https://t.co/RL1idn5Vo9 https://isc.sans.edu/diary.html?storyid=19705&rss https://twitter.com/cyb3rops/status/600329359346540544 http://t.co/WhV2SU2PQJ http://www.malwaretech.com/2015/05/hard-disk-firmware-hacking-final-part.html https://twitter.com/cyb3rops/status/600329299498008577 https://t.co/erk51g45bt https://community.rapid7.com/Rapid7_BlogPostDetail?id=a111400000Ab0N9AAJ https://twitter.com/cyb3rops/status/600200611074854912 https://t.co/vR3NrsFrKs https://static1.squarespace.com/static/552092d5e4b0661088167e5c/t/55316497e4b0ed810cdedc8c/1429300564057/Windows+Logging+Cheat+Sheet.pdf https://twitter.com/cyb3rops/status/600199557402755072 http://t.co/iBv6PWIEmg 
http://www.slideshare.net/mobile/Hackerhurricane/ask-aalware-archaeologist?qid=b7c72b3c-e299-4339-8d98-d6d1d96ddd37&v=qf1&b=&from_search=1 https://twitter.com/cyb3rops/status/600195791614058498 https://t.co/dOnzG21GID https://hiddencodes.wordpress.com/2015/05/18/instrument-microsoft-office-applications-to-defeat-macro-obfuscations/ https://twitter.com/cyb3rops/status/600051616511873024 https://t.co/rvgNikvcwV https://blog.hboeck.de/archives/872-About-the-supposed-factoring-of-a-4096-bit-RSA-key.html https://twitter.com/cyb3rops/status/600013136062783489 https://twitter.com/cyb3rops/status/599995733249515520 https://t.co/h4fX0QTX32 https://twitter.com/quequero/status/599950929719369728 https://twitter.com/cyb3rops/status/599994736670281728 http://t.co/RhKLzdmZKS http://seclist.us/dnsf_ckr-a-dns-exploitation-tool.html https://twitter.com/cyb3rops/status/599930736259559426 https://twitter.com/cyb3rops/status/599621807184969729 https://twitter.com/cyb3rops/status/599554575478161408 https://t.co/tts4izSwYO https://twitter.com/piotrkijewski/status/599519426619277312 https://twitter.com/cyb3rops/status/599523746978861056 http://t.co/PJ7aHDAfes http://www.darknet.org.uk/2015/05/plecost-wordpress-fingerprinting-tool/ https://twitter.com/cyb3rops/status/599511430963015680 http://t.co/zBndS8RU4Q http://seclist.us/dll_injector-enumerates-processes-and-injects-a-dll-into-user-defined-process.html https://twitter.com/cyb3rops/status/599342846085361664 https://twitter.com/cyb3rops/status/599316925177569281 http://t.co/ad17ZT2lC1 http://seclist.us/updates-rop-tool-v-2-2-a-tool-to-help-you-write-binary-exploits.html https://twitter.com/cyb3rops/status/599242910559772673 http://t.co/OkfZp6cN23 http://www.labofapenetrationtester.com/2015/05/week-of-powershell-shells-day-5.html https://twitter.com/cyb3rops/status/599190845364002816 https://t.co/pEiEpZYY8u https://twitter.com/teamcymru/status/599189239901859840 https://twitter.com/cyb3rops/status/599189709538119682 
http://t.co/YY5vThMqdT http://www.fireeye.com/blog/threat-research/2015/05/teslacrypt_followin.html https://twitter.com/cyb3rops/status/599166475933450240 https://t.co/m9UzX7RfwV https://isc.sans.edu/diary/Another+Maldoc%3F+I%27m+Afraid+So.../19699 https://twitter.com/cyb3rops/status/599140319326654464 https://t.co/j3FIiHzX2e https://github.com/rapid7/metasploit-framework/pull/5349 https://twitter.com/cyb3rops/status/599094053930672129 http://t.co/j5DYb4X6pJ http://blog.checkpoint.com/2015/05/14/analysis-havij-sql-injection-tool/ https://twitter.com/cyb3rops/status/598861694807494658 http://t.co/MY3BDEmDo3 http://www.labofapenetrationtester.com/2015/05/week-of-powershell-shells-day-4.html https://twitter.com/cyb3rops/status/598842926945456129 http://t.co/RUC5jk57Zu http://www.fireeye.com/blog/threat-research/2015/05/hiding_in_plain_sigh.html https://twitter.com/cyb3rops/status/598819558556852224 http://t.co/J61oZKJ5XE http://blog.malwarebytes.org/malvertising-2/2015/05/payload-tested-browser-popup-via-aols-ad-network-causes-a-scare/ https://twitter.com/cyb3rops/status/598790732422500352 http://t.co/fSEqliUVgL http://www.kitploit.com/2015/05/custom-ssh-backdoor-ssh-backdoor-using.html?m=1 https://twitter.com/cyb3rops/status/598790401059782657 http://t.co/q57NNoTCj9 http://www.kitploit.com/2015/05/remote-dll-injector-v20-command-line.html https://twitter.com/cyb3rops/status/598790078173949952 http://t.co/hWZX28Zvzz http://middleeastmalware.blogspot.com/2015/05/cyber-attack-15-sea.html https://twitter.com/cyb3rops/status/598789516963532800 http://t.co/317qlrgGmk http://blog.trendmicro.com/trendlabs-security-intelligence/operation-tropic-trooper-old-vulnerabilities-still-pack-a-punch/ https://twitter.com/cyb3rops/status/598789291813314560 http://t.co/p0T1URMNsI http://seclist.us/poodle-attack-poc-implementation-of-the-poodle-attack.html https://twitter.com/cyb3rops/status/598583478473588736 http://t.co/okNJmIop85 
http://blog.malwarebytes.org/intelligence/2015/05/winyahoo-pup-modifies-chrome-secure-preferences/ https://twitter.com/cyb3rops/status/598581652764364800 http://t.co/NhxfcWseHh http://macpaw.com/encrypto https://twitter.com/cyb3rops/status/598555934923849728 http://t.co/toE6RlA13Q http://blog.erratasec.com/2015/05/some-technical-notes-on-venom.html https://twitter.com/cyb3rops/status/598553999571341313 https://twitter.com/cyb3rops/status/598544664828968960 https://twitter.com/cyb3rops/status/598542884728643584 http://t.co/x0W45I3VoF http://blog.cylance.com/spear-operation-sad-panda https://twitter.com/cyb3rops/status/598512536267444224 https://t.co/5UjdAV8Dmg https://community.rapid7.com/Rapid7_BlogPostDetail?id=a111400000Aaz7eAAB https://twitter.com/cyb3rops/status/598510722004426752 https://twitter.com/cyb3rops/status/598508431360847872 http://t.co/T6ztKEn9WU http://securityintelligence.com/meet-the-pezao-trojan-brazils-got-malware/ https://twitter.com/cyb3rops/status/598506319625199616 https://t.co/TF0M4k0nl5 https://twitter.com/e_kaspersky/status/598498451425366019 https://twitter.com/cyb3rops/status/598478069293264896 https://t.co/iyBkZwNC6g https://isc.sans.edu/diary.html?storyid=19687&rss https://twitter.com/cyb3rops/status/598477497857105920 http://t.co/1s3H3r0nIr http://www.secureworks.com/cyber-threat-intelligence/threats/teslacrypt-ransomware-threat-analysis/?view=Standard https://twitter.com/cyb3rops/status/598410441593921536 https://t.co/nsZkgTTxLk https://t.co/4fgtdNu8Je https://gist.github.com/Neo23x0/e3d4e316d7441d9143c7 https://www.bsk-consulting.de/2015/02/16/write-simple-sound-yara-rules/ https://twitter.com/cyb3rops/status/598373833440108544 https://t.co/buA2GET9Di https://www.trustedsec.com/may-2015/new-tool-the-pentesters-framework-ptf-released/ https://twitter.com/cyb3rops/status/598372341551407104 https://t.co/f1gxAzYZwv https://twitter.com/cci_forensics/status/598316060543229952 https://twitter.com/cyb3rops/status/598371672954150912 
https://t.co/Ftmqr21fPv https://twitter.com/revskills/status/598216186967531521 https://twitter.com/cyb3rops/status/598370498695802880 http://t.co/zppRGLr63b http://seclist.us/executable-payload-exploits-local-privilege-escalation-cve-2015-1701-to-steal-system-token.html https://twitter.com/cyb3rops/status/598370153760423938 https://t.co/TdWCWmjExm https://securelist.com/blog/software/69938/microsoft-security-updates-may-2015/ https://twitter.com/cyb3rops/status/598369742529929216 https://t.co/f8tkqk7e7o https://blog.torproject.org/blog/tor-browser-50a1-released https://twitter.com/cyb3rops/status/598246484891537409 http://t.co/cG65peSl1H http://malware.dontneedcoffee.com/2015/05/another-look-at-niteris-post.html https://twitter.com/cyb3rops/status/598208178095030273 http://t.co/ONRr5xFSB6 http://blog.checkpoint.com/2015/05/12/the-microsoft-help-file-chm-may-enslave-you/ https://twitter.com/cyb3rops/status/598192721476616193 http://t.co/lZgb3J4EUf http://seclist.us/ws-attacker-version-1-6-released.html https://twitter.com/cyb3rops/status/598183607757348864 https://twitter.com/cyb3rops/status/598179893550133248 https://t.co/FiKmA0YTYx https://technet.microsoft.com/en-us/library/security/dn903782.aspx https://twitter.com/cyb3rops/status/598129425255899136 http://t.co/SnKsd2rD14 http://www.labofapenetrationtester.com/2015/05/week-of-powershell-shells-day-2.html https://twitter.com/cyb3rops/status/598109262003478529 http://t.co/RQenXQ1bk7 http://carlosrafaelgn.com.br/Asm86/index.html?language=en https://twitter.com/cyb3rops/status/598101090601676800 http://t.co/aeCSgNg4Tc http://www.malwaretech.com/2015/05/hard-disk-firmware-hacking-part-5.html https://twitter.com/cyb3rops/status/598044003406368768 https://t.co/BCwxaCxy31 https://github.com/Veil-Framework/PowerTools/tree/master/PowerUp https://twitter.com/cyb3rops/status/598009566484389890 https://t.co/23KO6vvk4e https://twitter.com/binitamshah/status/597978938170675202 
https://twitter.com/cyb3rops/status/598007144043159553 https://t.co/75aLpoNGik https://isc.sans.edu/diary.html?storyid=19681&rss https://twitter.com/cyb3rops/status/598006836785197056 http://t.co/crk9LR279p http://seclist.us/snoopbrute-is-a-multithreaded-dns-recursive-host-brute-force-tool.html https://twitter.com/cyb3rops/status/597869739130679296 http://t.co/IJdMkvWy7s http://www.kitploit.com/2015/05/fastnetmon-very-fast-ddos-analyzer-with.html https://twitter.com/cyb3rops/status/597869365074198528 http://t.co/j5hORqGQ8u http://www.darknet.org.uk/2015/05/instarecon-automated-subdomain-discovery-tool/ https://twitter.com/cyb3rops/status/597836482972377088 http://t.co/to6ajM9Sl9 http://blog.trendmicro.com/trendlabs-security-intelligence/steganography-and-malware-concealing-code-and-cc-traffic/ https://twitter.com/cyb3rops/status/597780553379794944 http://t.co/1Ay10CMFVU http://blog.0x3a.com/post/118366451134 https://twitter.com/cyb3rops/status/597779975010394112 http://t.co/C7UpH5n7U3 http://www.labofapenetrationtester.com/2015/05/week-of-powershell-shells-day-1.html https://twitter.com/cyb3rops/status/597708756277944320 http://t.co/KXo1cyofCM http://reason.com/archives/2015/04/09/how-to-break-the-internet/3 https://twitter.com/cyb3rops/status/597645595847892992 http://t.co/vFrO3rXpqU http://seclist.us/vectorattackscanner-a-tool-to-search-vulnerable-points-to-attack.html https://twitter.com/cyb3rops/status/597515981683085312 http://t.co/JcK7I7kvGn http://seclist.us/instarecon-basic-automated-digital-reconnaissance.html https://twitter.com/cyb3rops/status/597512318000443392 https://twitter.com/cyb3rops/status/597327860802674688 http://t.co/LRnMWT4X3b http://seclist.us/scap-network-sniffer-scan-and-capture-incoming-packets.html https://twitter.com/cyb3rops/status/597161074799022080 http://t.co/15Yqw18Jb2 http://www.kitploit.com/2015/05/autorize-automatic-authorization.html https://twitter.com/cyb3rops/status/597116769791299585 http://t.co/D64svrxRJ1 
http://mobile.reuters.com/article/idUSBRE91N07M20130224 https://twitter.com/cyb3rops/status/597107299996585984 http://t.co/d2U8let0Yq http://securityblog.gr/2601/ssl-protocol-scanner-reconnaissance/ https://twitter.com/cyb3rops/status/597036660904357888 https://t.co/3tDakojx3b https://isc.sans.edu/diary.html?storyid=19673&rss https://twitter.com/cyb3rops/status/596810899945586689 https://t.co/WswD2uH2V9 https://twitter.com/fridadotre/status/596781421525671936 https://twitter.com/cyb3rops/status/596773881257598977 http://t.co/pyI1bYzWZl http://seclist.us/exploit-for-the-toy-vulnerability.html https://twitter.com/cyb3rops/status/596765886846996480 https://t.co/8WH1lojZMH https://blogs.mcafee.com/mcafee-labs/brazilian-banking-malware-hides-in-sql-database https://twitter.com/cyb3rops/status/596765815434833920 http://t.co/GvFSP58ZF0 http://www.darknet.org.uk/2015/05/wapiti-web-application-vulnerability-scanner-v2-3-0/ https://twitter.com/cyb3rops/status/596713511604101121 http://t.co/KXo1cyofCM http://reason.com/archives/2015/04/09/how-to-break-the-internet/3 https://twitter.com/cyb3rops/status/596707035628097537 http://t.co/NYbVFpIaa2 http://www.kitploit.com/2015/05/kunai-pwning-info-gathering-via-user.html https://twitter.com/cyb3rops/status/596624482065915904 http://t.co/WuTEM60pRq http://securityblog.gr/2578/disable-userassist-history-anti-forensics/ https://twitter.com/cyb3rops/status/596616444080693248 http://t.co/3yPRnYDvdt http://blog.checkpoint.com/2015/05/07/latest-sql-injection-trends/ https://twitter.com/cyb3rops/status/596616390230048768 http://t.co/dx9DinrkUg http://adsecurity.org/?p=1535 https://twitter.com/cyb3rops/status/596612196429365248 https://twitter.com/cyb3rops/status/596598064195964928 http://t.co/hbuWJSPnN3 http://research.zscaler.com/2015/05/compromised-wordpress-sites-leaking.html?m=1 https://twitter.com/cyb3rops/status/596597581024727040 https://t.co/RMgJ95puUY https://sploitfun.wordpress.com/2015/05/08/classic-stack-based-buffer-overflow 
https://twitter.com/cyb3rops/status/596413224075026434 https://twitter.com/cyb3rops/status/596408010613854209 http://t.co/aOFuKeKCtP http://researchcenter.paloaltonetworks.com/2015/05/trapwot-scareware-activity-spikes-in-april/ https://twitter.com/cyb3rops/status/596407725153718272 https://t.co/d65Pf3Yebk https://community.rapid7.com/Rapid7_BlogPostDetail?id=a111400000AaxKdAAJ https://twitter.com/cyb3rops/status/596407513681141760 http://t.co/4TijPz2u4Q http://blog.trendmicro.com/trendlabs-security-intelligence/ad-network-compromised-users-victimized-by-nuclear-exploit-kit/ https://twitter.com/cyb3rops/status/596318301510328321 http://t.co/3Vi574F2oh http://www.welivesecurity.com/2015/05/07/millions-wordpress-sites-left-vulnerable-plugin-flaw/ https://twitter.com/cyb3rops/status/596280149215055872 http://t.co/phLacQxvL0 http://blog.trendmicro.com/trendlabs-security-intelligence/macro-malware-when-old-tricks-still-work-part-2/ https://twitter.com/cyb3rops/status/596260605432045568 http://t.co/5f1ishNppH http://seclist.us/reverse-tcp-shell-is-a-simple-reverse-tcp-backdoor.html https://twitter.com/cyb3rops/status/596260381640826880 http://t.co/bdwzH3Qzob http://securityaffairs.co/wordpress/36617/cyber-crime/new-alphacrypt-ransomware.html https://twitter.com/cyb3rops/status/596260266507116544 http://t.co/zXq8FIsEwe http://blog.portswigger.net/2015/05/new-burp-suite-testing-methodologies.html?m=1 https://twitter.com/cyb3rops/status/596209322729811968 https://t.co/BgPAd5ykfU https://osquery.readthedocs.org/en/latest/introduction/overview/ https://twitter.com/cyb3rops/status/596198226090467329 https://t.co/RkjCstQNbl https://twitter.com/hdarwin89/status/594557648030150657 https://twitter.com/cyb3rops/status/596025326259589121 http://t.co/cZVb6Z2keq http://blog.trendmicro.com/trendlabs-security-intelligence/messaging-application-line-used-as-a-decoy-for-targeted-attack/ https://twitter.com/cyb3rops/status/595997203367391232 
https://twitter.com/cyb3rops/status/595991298227699712 https://twitter.com/cyb3rops/status/595991066056204289 https://twitter.com/cyb3rops/status/595945185227493376 http://t.co/vhDuPuAggp http://blog.portswigger.net/2015/05/burp-suite-now-reports-blind-xxe.html https://twitter.com/cyb3rops/status/595914033364115456 https://t.co/2priAoM2zY https://nakedsecurity.sophos.com/2015/05/05/microsoft-word-intruder-the-malware-that-writes-new-malware-for-you/ https://twitter.com/cyb3rops/status/595855197689217025 https://twitter.com/cyb3rops/status/595849706607083520 http://t.co/WEh3ZmLuPp http://www.kitploit.com/2015/05/password-cracking-suite.html https://twitter.com/cyb3rops/status/595848997346086913 http://t.co/YApirhvihB http://www.kitploit.com/2015/05/wig-webapp-information-gatherer.html https://twitter.com/cyb3rops/status/595848821957066752 http://t.co/tMpKcmV6hV http://windowsir.blogspot.com/2015/05/stuff.html https://twitter.com/cyb3rops/status/595699620489076737 http://t.co/IgCfg4sC6S http://www.malwaretech.com/2015/05/hard-disk-firmware-hacking-part-4.html https://twitter.com/cyb3rops/status/595644955265208323 http://t.co/nIjqUIrIaY http://seclist.us/malscan-is-a-powerful-malware-scanner-and-leveraging.html https://twitter.com/cyb3rops/status/595619072588546048 http://t.co/kKjfrQZVsr http://blog.trendmicro.com/trendlabs-security-intelligence/steganography-and-malware-why-and-how/ https://twitter.com/cyb3rops/status/595476420857614336 https://t.co/4lL2n95IKJ https://isc.sans.edu/diary.html?storyid=19657&rss https://twitter.com/cyb3rops/status/595345382844010497 http://t.co/z2Mm2qZOtI https://t.co/7txJoUnNWg http://eo.oe.kiwi https://twitter.com/gentilkiwi/status/595320795863371777 https://twitter.com/cyb3rops/status/595320285458489344 https://t.co/CgHZBO7uo5 https://twitter.com/AcidRampage/status/595135951074111488 https://twitter.com/cyb3rops/status/595310873402572801 http://t.co/5Tvd6SiapJ 
http://blog.malwarebytes.org/exploits-2/2015/05/fiesta-ek-wreaks-havoc-on-popular-torrent-site/ https://twitter.com/cyb3rops/status/595310680825270272 http://t.co/HuTte8b0Ns http://www.fireeye.com/blog/threat-research/2015/05/targeted_crimewarei.html https://twitter.com/cyb3rops/status/595286539724300288 http://t.co/6DKqgoMpui http://www.darknet.org.uk/2015/05/the-dude-automatic-network-discovery-layout-tool/ https://twitter.com/cyb3rops/status/595285801405194240 http://t.co/lkrEjIvTKx http://phishme.com/updated-dyre-dropped-by-office-macros/ https://twitter.com/cyb3rops/status/595236229798563840 http://t.co/XRGy43GppS http://www.kitploit.com/2015/05/wireless-network-watcher-v179-show-who.html https://twitter.com/cyb3rops/status/595120351341879296 http://t.co/3xNrOy23k8 http://blog.trendmicro.com/trendlabs-security-intelligence/iis-at-risk-an-in-depth-look-into-cve-2015-1635/ https://twitter.com/cyb3rops/status/595086160654917632 https://t.co/SiZWCs2504 https://isc.sans.edu/diary.html?storyid=19655&rss https://twitter.com/cyb3rops/status/594973296363446272 http://t.co/nd352XvKki http://seclist.us/demon-a-stealthy-gpu-based-keylogger-poc.html https://twitter.com/cyb3rops/status/594842750157266944 http://t.co/97qd35snLs http://holisticinfosec.blogspot.com/2015/05/toolsmith-attack-detection-hunting-in.html https://twitter.com/cyb3rops/status/594633914444075009 http://t.co/wx8Vfr7GmA http://seclist.us/updates-arachni-v-1-1-web-application-security-scanner-framework.html https://twitter.com/cyb3rops/status/594633724974731264 https://t.co/hCmhXXwvYM https://blog.hboeck.de/archives/871-Even-more-bypasses-of-Google-Password-Alert.html https://twitter.com/cyb3rops/status/594627434600865792 http://t.co/ZVDqHklxYE http://sourceforge.net/projects/samurai/ https://twitter.com/cyb3rops/status/594607137818542080 http://t.co/yoZDMZvYBc http://blog.virustotal.com/2015/04/knockknock-virustotal.html https://twitter.com/cyb3rops/status/594574160359198720 https://t.co/kEHzLO3T1P 
https://blog.hboeck.de/archives/870-DNS-AXFR-scan-data.html https://twitter.com/cyb3rops/status/594535548108279809 http://t.co/q5juLR8eli http://www.darknet.org.uk/2015/05/graudit-v1-9-download-grep-source-code-auditing-tool/ https://twitter.com/cyb3rops/status/594261763790655488 https://twitter.com/cyb3rops/status/594178158305386496 https://t.co/uQWTLeVdFD https://hiddencodes.wordpress.com/2015/04/30/dealing-with-pcaps-in-windows-using-fiddlerfiddlercore/ https://twitter.com/cyb3rops/status/594149832404664321 http://t.co/900VoFXNem http://securityintelligence.com/how-to-dramatically-improve-your-database-encryption/ https://twitter.com/cyb3rops/status/594002487931236353 http://t.co/pTLHJcWjXV http://blog.trendmicro.com/trendlabs-security-intelligence/troj_werdlod-new-banking-trojan-targets-japan/ https://twitter.com/cyb3rops/status/593796183719550976 https://t.co/6j1xlBx2eL https://www.us-cert.gov/ncas/alerts/TA15-119A-0 https://twitter.com/cyb3rops/status/593719335853674496 http://t.co/mE8kXsiMfU http://www.darknet.org.uk/2015/04/wordpress-critical-zero-day-vulnerability-fixed-in-a-hurry/ https://twitter.com/cyb3rops/status/593719219268759552 http://t.co/HN7sRbHhIV http://blog.trendmicro.com/trendlabs-security-intelligence/rawpos-checking-in-at-a-hotel-near-you/ https://twitter.com/cyb3rops/status/593481450806181888 http://t.co/h2m4FIMtIN http://blog.malwarebytes.org/malvertising-2/2015/04/domain-shadowing-with-a-twist/ https://twitter.com/cyb3rops/status/593315376647294976 https://t.co/ypPTtz9i1P https://www.circl.lu/pub/tr-36/ https://twitter.com/cyb3rops/status/593288204658278400 http://t.co/RLntMjp0VB http://community.websense.com/blogs/securitylabs/archive/2015/04/28/andromeda-an-attack-kill-chain-analysis.aspx https://twitter.com/cyb3rops/status/593288056125452288 http://t.co/GsIvgfZSWO http://blog.didierstevens.com/2015/04/29/pdf-parser-a-method-to-manipulate-pdfs-part-2/ https://twitter.com/cyb3rops/status/593114030451126272 
https://twitter.com/cyb3rops/status/593100971330371584 https://t.co/KNabUMn3pS https://code.google.com/p/wifite/ https://twitter.com/cyb3rops/status/593075689479364609 http://t.co/gD7djW9mR3 http://blogs.technet.com/b/mmpc/archive/2015/04/28/social-engineering-tricks-open-the-door-to-macro-malware-attacks-how-can-we-close-it.aspx https://twitter.com/cyb3rops/status/592762269236334592 http://t.co/jrFQLmYZdj http://www.darknet.org.uk/2015/04/cewl-v5-1-password-cracking-custom-word-list-generator/ https://twitter.com/cyb3rops/status/592720429565005825 http://t.co/Fb0RECV1c6 http://blog.trendmicro.com/trendlabs-security-intelligence/enterprises-hit-by-bartalex-macro-malware-in-recent-spam-outbreak/ https://twitter.com/cyb3rops/status/592623820437069825 http://t.co/RM8QZY3l95 http://blog.didierstevens.com/2015/04/27/update-virustotal-search-version-0-1-2-daily-quote-handling-and-cves/ https://twitter.com/cyb3rops/status/592366012634374146 https://t.co/y80YJZbV1P https://bto.bluecoat.com/security-advisory/sa93 https://twitter.com/cyb3rops/status/591938696368250881 http://t.co/FZ68CjJ0B3 http://www.darknet.org.uk/2015/04/oat-microsoft-ocs-assessment-tool-office-communication-server/ https://twitter.com/cyb3rops/status/591572325335748610 https://t.co/6k1IXyKuG6 https://nakedsecurity.sophos.com/2015/04/24/cisco-releases-first-transparency-report-showing-literally-nothing-to-hide/ https://twitter.com/cyb3rops/status/591331710568017920 http://t.co/m2lZRfaebu http://blog.didierstevens.com/2015/04/23/ms15-034-poc-excel-video https://twitter.com/cyb3rops/status/591263220238811136 https://t.co/xQsru7DwMl https://www.f-secure.com/weblog/archives/00002805.html https://twitter.com/cyb3rops/status/591179467386662912 http://t.co/ESQK0g7QSq http://www.securityweek.com/wi-fi-component-flaw-exposes-windows-linux-os-x-systems https://twitter.com/cyb3rops/status/590985185560231938 http://t.co/JiGeOW1r4p 
http://blog.malwarebytes.org/malvertising-2/2015/04/tech-brief-an-inside-view-of-a-zero-day-campaign/ https://twitter.com/cyb3rops/status/590917269703827457 https://t.co/4Nfhn17HNo https://www.f-secure.com/weblog/archives/00002804.html https://twitter.com/cyb3rops/status/590917026056646656 http://t.co/2ojcdm3fgp http://blog.trendmicro.com/trendlabs-security-intelligence/latest-flash-exploit-in-angler-ek-might-not-really-be-cve-2015-0359/ https://twitter.com/cyb3rops/status/590844427259793408 https://t.co/CO2eYLmMw5 https://www.f-secure.com/weblog/archives/00002803.html https://twitter.com/cyb3rops/status/590844180366233601 https://t.co/jXlK3Zxgwj https://securelist.com/analysis/publications/69727/how-exploit-packs-are-concealed-in-a-flash-object/ https://twitter.com/cyb3rops/status/590827259726012416 https://t.co/zPWZrFWo12 https://securelist.com/blog/69731/the-cozyduke-apt/ https://twitter.com/cyb3rops/status/590826191147368449 http://t.co/pcm3pGgpMv http://blog.trendmicro.com/trendlabs-security-intelligence/iis-at-risk-the-http-protocol-stack-vulnerability/ https://twitter.com/cyb3rops/status/590568915975143424 http://t.co/QkK8E0JOu1 http://blog.trendmicro.com/trendlabs-security-intelligence/resurrection-of-the-living-dead-the-redirect-to-smb-vulnerability/ https://twitter.com/cyb3rops/status/590568827068493826 http://t.co/zu88txjTLC http://research.zscaler.com/2015/04/malvertising-exploit-kits-clickfraud.html?m=1 https://twitter.com/cyb3rops/status/590568713012797440 http://t.co/urSWlG33vG http://www.malwaretech.com/2015/04/hard-disk-firmware-hacking-part-3.html https://twitter.com/cyb3rops/status/590474756375371776 http://t.co/uePH6tpBgZ http://blog.trendmicro.com/trendlabs-security-intelligence/without-a-trace-fileless-malware-spotted-in-the-wild/ https://twitter.com/cyb3rops/status/590473848274948096 http://t.co/jay9CFQrRd http://securityintelligence.com/cve-2015-1097-deobfuscating-ios-kernel-pointers-with-an-ibm-x-force-discovered-vulnerability/ 
https://twitter.com/cyb3rops/status/590429893378215937 http://t.co/qvJEj2YPcz http://blogs.technet.com/b/sysinternals/archive/2015/04/21/update-sysmon-v3-0-autornus-v13-3-regjump-v1-1-process-monitor-v3-11.aspx https://twitter.com/cyb3rops/status/590246104144314368 http://t.co/P6JYxSl3cy http://blog.malwarebytes.org/security-threat/2015/04/teslacrypt-videogame-safety-101/ https://twitter.com/cyb3rops/status/590245700111364096 http://t.co/QFvUJEzR6g http://www.darknet.org.uk/2015/04/sptoolkit-rebirth-simple-phishing-toolkit/ https://twitter.com/cyb3rops/status/589752223703375872 http://t.co/Kt3FkIF4Tv http://www.fireeye.com/blog/threat-research/2015/04/probable_apt28_useo.html https://twitter.com/cyb3rops/status/589431870330396673 http://t.co/gYazpfkBmS http://www.darknet.org.uk/2015/04/evilap-defender-detect-evil-twin-attacks/ https://twitter.com/cyb3rops/status/589302198754009088 http://t.co/bprrKz1ITA http://blog.crowdstrike.com/operational-threat-intelligence-with-maltego-transform-hub/ https://twitter.com/cyb3rops/status/589037081663578113 http://t.co/5aDAXy0Uac http://blog.didierstevens.com/2015/04/17/ms15-034-detection-some-observations/ https://twitter.com/cyb3rops/status/588823950555279360 http://t.co/RKJRrXmR77 http://blog.malwarebytes.org/malvertising-2/2015/04/flash-ek-strikes-again-via-googles-doubleclick/ https://twitter.com/cyb3rops/status/588740124042727424 http://t.co/HNxhpRvbHw http://blog.trendmicro.com/trendlabs-security-intelligence/operation-pawn-storm-ramps-up-its-activities-targets-nato-white-house/ https://twitter.com/cyb3rops/status/588739984632471552 http://t.co/fbxd5FDXmU http://www.threatgeek.com/2015/04/fidelis-threat-advisory-1016-pushdo-it-to-me-one-more-time.html https://twitter.com/cyb3rops/status/588666226055979008 https://t.co/gd5X0ShxwG https://twitter.com/botherder/status/588636426310299648 https://twitter.com/cyb3rops/status/588586192871886848 http://t.co/2ljRchjHx0 
http://blog.erratasec.com/2015/04/masscanning-for-ms15-034.html https://twitter.com/cyb3rops/status/588585899778150400 http://t.co/tZQJImgjhu http://blog.didierstevens.com/2015/04/16/pdf-parser-a-method-to-manipulate-pdfs-part-1/ https://twitter.com/cyb3rops/status/588585709222526976 http://t.co/IUSSIFxPey http://phishme.com/detecting-a-dridex-variant-that-evades-anti-virus/ https://twitter.com/cyb3rops/status/588410667457089536 https://t.co/c7m1eLvRLY https://github.com/rapid7/metasploit-framework/pull/5150 https://twitter.com/cyb3rops/status/588356990851796992 https://t.co/6fxcSsPPEt https://blog.gdatasoftware.com/blog/article/casper-the-newest-member-of-the-cartoon-malware-family.html https://twitter.com/cyb3rops/status/588356443222446080 https://t.co/LDf5r5ABIY https://blog.gdatasoftware.com/blog/article/the-andromedagamarue-botnet-is-on-the-rise-again.html https://twitter.com/cyb3rops/status/588292620566265857 http://t.co/JXO4kyoG4y http://blog.trendmicro.com/trendlabs-security-intelligence/behind-tax-fraud-a-profile-of-3-irs-scammers/ https://twitter.com/cyb3rops/status/588225173767204864 http://t.co/XgkAErA3rk http://blog.didierstevens.com/2015/04/15/pdf-password-cracking-with-john-the-ripper/ https://twitter.com/cyb3rops/status/588066482329878528 http://t.co/dE0oIEnr8E http://krebsonsecurity.com/2015/04/critical-updates-for-windows-flash-java/ https://twitter.com/cyb3rops/status/588041425662693376 https://t.co/cdimDdaj11 https://technet.microsoft.com/en-us/library/security/ms15-apr.aspx https://twitter.com/cyb3rops/status/588040250494181376 http://t.co/260uzH1MkY http://community.websense.com/blogs/securitylabs/archive/2015/04/14/shellshock-not-a-can-of-worms-if-you-patch.aspx https://twitter.com/cyb3rops/status/588040020692492289 http://t.co/t6wUYt67zD http://blog.crowdstrike.com/adversaries-set-their-sites-on-oil-and-gas-sector/ https://twitter.com/cyb3rops/status/588038962343768064 https://t.co/TYZP1yXrVK 
https://securelist.com/blog/research/69605/your-tax-refund-with-a-data-kidnapping-twist/ https://twitter.com/cyb3rops/status/587929015199105024 http://t.co/mXh5jj5wjV http://payload-security.blogspot.com/2015/04/improved-webservice-statistics-and-new.html https://twitter.com/cyb3rops/status/587861295208210432 http://t.co/QfFALDU3ZT http://community.websense.com/blogs/securitylabs/archive/2015/04/13/redirect-to-smb-technique-re-exposes-18-year-old-vulnerability.aspx https://twitter.com/cyb3rops/status/587861159828684800 http://t.co/4WdTueUKQt http://www.darknet.org.uk/2015/04/samuraiwtf-3-x-and-onwards-web-testing-framework-linux-livecd/ https://twitter.com/cyb3rops/status/587860709763067904 http://t.co/1vqVEUl1nW http://blogs.technet.com/b/mmpc/archive/2015/04/13/bioazih-rat-how-clean-file-metadata-can-help-keep-you-safe.aspx https://twitter.com/cyb3rops/status/587859863201566720 http://t.co/kk41eYuKQI http://blog.trendmicro.com/trendlabs-security-intelligence/how-targeted-attacks-changed-in-2014/ https://twitter.com/cyb3rops/status/587649760603086849 http://t.co/Ef42LC0voc http://www.malwaretech.com/2015/04/hard-disk-firmware-hacking-part-1.html https://twitter.com/cyb3rops/status/587649724385222657 http://t.co/GMns3IzBhD http://www.malwaretech.com/2015/04/hard-disk-firmware-hacking-part-2.html https://twitter.com/cyb3rops/status/587649632785805313 http://t.co/cQxMYVwkT5 http://blogs.technet.com/b/mmpc/archive/2015/04/12/microsoft-partners-with-interpol-industry-to-disrupt-global-malware-attack-affecting-more-than-770-000-pcs-in-past-six-months-39-simda-at-39-designed-to-divert-internet-traffic-to-disseminate-other-types-of-malware.aspx https://twitter.com/cyb3rops/status/587600419527987200 https://t.co/6QEE5zZ6Qe https://securelist.com/blog/69595/challenging-coinvault-its-time-to-free-those-files/ https://twitter.com/cyb3rops/status/587524812068773888 https://t.co/duTAVi7BjB https://securelist.com/blog/69580/simdas-hide-and-seek-grown-up-games/ 
https://twitter.com/cyb3rops/status/587388548229308416 http://t.co/iP94ukZw1i http://www.fireeye.com/blog/threat-research/2015/04/apt_30_and_the_mecha.html https://twitter.com/cyb3rops/status/586927080971046913 https://twitter.com/cyb3rops/status/586883821141946368 http://t.co/R4N4aKWy38 http://blog.trendmicro.com/trendlabs-security-intelligence/vbs-malware-tied-to-media-attacks/ https://twitter.com/cyb3rops/status/586826621249806336 http://t.co/4lqCd4ZJFu http://blog.erratasec.com/2015/04/scalability-of-great-cannon.html https://twitter.com/cyb3rops/status/586625327973199873 http://t.co/SHV8lVewFj http://blog.malwarebytes.org/exploits-2/2015/04/a-history-lesson-brought-to-you-by-the-nuclear-exploit-kit/ https://twitter.com/cyb3rops/status/586497001535176704 https://t.co/LLiE7oiOgY https://securelist.com/blog/69462/darwin-nuke/ https://twitter.com/cyb3rops/status/586232417909870592 http://t.co/aHz4R1dfce http://www.fireeye.com/blog/threat-research/2015/04/url_masques_on_apps.html https://twitter.com/cyb3rops/status/586232086681546753 http://t.co/yAHINmOHoL http://www.itsecurityguru.org/2015/04/09/apple-keeps-trust-in-chinese-ca/ https://twitter.com/cyb3rops/status/586204264164392961 https://t.co/u3Wd9rQxzU https://aaeh.shadowserver.org/ https://twitter.com/cyb3rops/status/585919136737452032 http://t.co/egxprN24uY http://blog.didierstevens.com/2015/04/08/quickpost-maldocs-vba-and-pastebin https://twitter.com/cyb3rops/status/585895141514354688 http://t.co/fMsvzq5M9K http://www.fireeye.com/blog/threat-research/2015/04/phantom_deadly_prox.html https://twitter.com/cyb3rops/status/585825768854462464 http://t.co/M0y0nAaCfJ http://securityintelligence.com/the-10-most-common-application-attacks-in-action/ https://twitter.com/cyb3rops/status/585825493313785856 http://t.co/GczEcKn1be http://www.fireeye.com/blog/threat-research/2015/04/analysis_of_kriptovo.html https://twitter.com/cyb3rops/status/585805428535209984 http://t.co/hq1ixd0OcS 
http://www.threatgeek.com/2015/04/fidelis-threat-advisory-1015-ratting-on-alienspy.html https://twitter.com/cyb3rops/status/585784153792241664 https://twitter.com/cyb3rops/status/585782218913615873 https://t.co/YmLmrVhUDz https://securelist.com/blog/research/69481/a-flawed-ransomware-encryptor/ https://twitter.com/cyb3rops/status/585782069395075073 http://t.co/OljaCIdCWz http://blog.malwarebytes.org/fraud-scam/2015/04/steer-clear-of-scr-malware-screenshots/ https://twitter.com/cyb3rops/status/585728966121693186 https://t.co/6Kh64kWyDf https://www.metascan-online.com/en/about https://twitter.com/cyb3rops/status/585714879023206400 https://t.co/JevrgEoRqY https://sysforensics.org/2015/04/extract-attachments-extachment.html https://twitter.com/cyb3rops/status/585485686658179072 http://t.co/pBzirpnzM9 https://t.co/cWHsCtVct7 http://www.novetta.com/wp-content/uploads/2015/04/novetta_winntianalysis.pdf https://twitter.com/craiu/status/585422323492253696 https://twitter.com/cyb3rops/status/585473438199975936 http://t.co/uy7E9G1eo9 http://blog.sucuri.net/2015/04/security-advisory-persistent-xss-in-wp-super-cache.html https://twitter.com/cyb3rops/status/585418237493583872 http://t.co/ola2XSWmuE http://www.darknet.org.uk/2015/04/watcher-passive-web-application-vulnerability-scanner/ https://twitter.com/cyb3rops/status/585417975747981312 https://t.co/fqzwIgHyKx https://securelist.com/blog/research/69490/dont-feel-left-out-ransomware-for-it-security-enthusiasts/ https://twitter.com/cyb3rops/status/585417660768346114 https://t.co/FgRLMeiiAX https://nakedsecurity.sophos.com/2015/04/07/firefox-issues-brand-new-update-to-fix-https-security-hole-in-new-update/ https://twitter.com/cyb3rops/status/585350390566162432 http://t.co/qfFJH63JbB http://blog.trendmicro.com/trendlabs-security-intelligence/android-installer-hijacking-bug-used-as-lure-for-malware/ https://twitter.com/cyb3rops/status/585341841089912832 http://t.co/BCnQM5j7p5 
http://www.novetta.com/2015/04/operation-smn-winnti-update/ https://twitter.com/cyb3rops/status/585193320940511232 http://t.co/DAmEVJSiHj http://community.websense.com/blogs/securitylabs/archive/2015/04/06/over-indulgence-in-the-easter-eggsploit-kit.aspx https://twitter.com/cyb3rops/status/585190995224047618 http://t.co/kHlTl9jstF http://blog.malwaremustdie.org/2015/04/mmd-0031-2015-what-is-netwire-rat.html https://twitter.com/cyb3rops/status/585141077243514880 http://t.co/1GENnf3doH http://www.vanimpe.eu/2015/04/05/using-different-online-malware-analyser-tools/ https://twitter.com/cyb3rops/status/584334606314430464 https://t.co/Q6yTTAdNUB https://www.f-secure.com/weblog/archives/00002800.html https://twitter.com/cyb3rops/status/584321574838341633 http://t.co/6szRdhEzhr http://blog.sucuri.net/2015/04/website-malware-the-swf-iframe-injector-evolves.html https://twitter.com/cyb3rops/status/584319016702971904 http://t.co/uwIIeCFvzg http://research.zscaler.com/2015/04/angler-exploit-kit-utilizing-302.html?m=1 https://twitter.com/cyb3rops/status/584072443528142852 http://t.co/mgBFxX80U8 http://blog.malwarebytes.org/exploits-2/2015/04/dell-system-detect-vulnerability-now-classified-as-a-pup/ https://twitter.com/cyb3rops/status/584071225925832704 http://t.co/10b7r1SU9X http://digital-forensics.sans.org/blog/2015/04/03/identifying-and-disrupting-crypto-ransomware-and-destructive-malware https://twitter.com/cyb3rops/status/583940262159896576 https://t.co/MSKaidK7lH https://portal.sec.ibm.com/mss/html/en_US/support_resources/pdf/Dyre_Wolf_MSS_Threat_Report.pdf https://twitter.com/cyb3rops/status/583744484984414208 http://t.co/aTIYnwikPd http://blog.crowdstrike.com/chopping-packets-decoding-china-chopper-web-shell-traffic-over-ssl/ https://twitter.com/cyb3rops/status/583585682079223809 https://twitter.com/cyb3rops/status/583527101954949120 http://t.co/cQDLeQRqgb http://goo.gl/fb/QKJCuA https://twitter.com/cyb3rops/status/583515851179057152 http://t.co/oyfdnwZVqK 
http://blog.erratasec.com/2015/04/pin-pointing-chinas-attack-against.html https://twitter.com/cyb3rops/status/583391951065583616 http://t.co/dfMsrLutKf http://blog.trendmicro.com/trendlabs-security-intelligence/newposthings-has-new-pos-things/ https://twitter.com/cyb3rops/status/583287438413602816 http://t.co/JwjQnMklAA http://blog.malwarebytes.org/exploits-2/2015/04/compromised-wordpress-sites-launch-drive-by-attacks-off-pirate-bay-clone/ https://twitter.com/cyb3rops/status/583192482017595392 https://t.co/JZeJWZYkNM http://t.co/BUA3LZcRrR https://www.virustotal.com/en/file/5995b948be25d2c7b34a02dd4d7ef22b1a108e059bb7fac7994a715a2de7185f/analysis/ http://r.virscan.org/report/58ee24c25fc2599cc2797e2b6edef7cf https://twitter.com/cyb3rops/status/583019869798563840 https://t.co/E9jypmCL6o https://securelist.com/blog/69421/sinkholing-volatile-cedar-dga-infrastructure/ https://twitter.com/cyb3rops/status/583019107731263489 http://t.co/EdPqMNuqB1 http://blog.didierstevens.com/2015/03/31/pdf-parser-and-yara https://twitter.com/cyb3rops/status/583006522483064833 http://t.co/yVdIouc2mP http://blog.trendmicro.com/trendlabs-security-intelligence/the-resurrection-of-cve-2011-2461/ https://twitter.com/cyb3rops/status/582804385891246080 http://t.co/lG8TV5oO8E https://t.co/lTTkFGxxpV http://pdf101.corkami.com https://www.youtube.com/watch?v=k9g9jZdjRcE https://twitter.com/cyb3rops/status/582590984321630208 https://twitter.com/cyb3rops/status/582586567971205120 http://t.co/jK9tKNaDV5 http://www.itsecurityguru.org/2015/03/30/the-dns-your-most-vulnerable-ally/ https://twitter.com/cyb3rops/status/582574595259142144 https://t.co/SPx7wDmEST https://t.co/7c6BNz5uyf https://malwr.com/analysis/NGUwOWYwZDdiNDA1NGIxNmJlYjJiZDRhM2RkYTU3YTk/ https://www.virustotal.com/en/domain/omaha.wandoujia.com/information/ https://twitter.com/cyb3rops/status/581855969841430528 https://twitter.com/cyb3rops/status/581762021777149952 http://t.co/9xlmkLRhWt 
http://www.darknet.org.uk/2015/03/onapsis-bizploit-v1-50-sap-penetration-testing-framework/ https://twitter.com/cyb3rops/status/581737886254522368 http://t.co/NZNVLu9yUs http://youtu.be/vDhcqua3_W8 https://twitter.com/cyb3rops/status/581487785191874560 http://t.co/4CnO4OEvGT http://blog.sucuri.net/2015/03/pseudo-darkleech-server-root-infection.html https://twitter.com/cyb3rops/status/581445012254265344 https://twitter.com/cyb3rops/status/581434711324692480 https://twitter.com/cyb3rops/status/581376269205561344 http://t.co/bOXLjUeCOu http://nullsecure.org/malware-traffic-analysis-using-splunk/ https://twitter.com/cyb3rops/status/581167035725512704 https://twitter.com/cyb3rops/status/581094091712282624 http://t.co/yfTTyBNhLz http://www.forbes.com/sites/thomasbrewster/2015/03/25/hack-a-car-for-60-dollars/ https://twitter.com/cyb3rops/status/580982764125569024 http://t.co/mcfoMMhSH6 http://digital-forensics.sans.org/blog/2015/03/25/detecting-dll-hijacking-on-windows https://twitter.com/cyb3rops/status/580830985203392512 http://t.co/IUSSIFgen0 http://phishme.com/detecting-a-dridex-variant-that-evades-anti-virus/ https://twitter.com/cyb3rops/status/580820886791524353 https://t.co/q5IKhsS67E https://github.com/Neo23x0/Loki/blob/master/signatures/apt_woolengoldfish.yar https://twitter.com/cyb3rops/status/580635805653303296 http://t.co/WXGMtw13rA http://blog.erratasec.com/2015/03/x86-is-high-level-language.html https://twitter.com/cyb3rops/status/580633055108431872 http://t.co/UnkJTNBJGI http://blog.trendmicro.com/trendlabs-security-intelligence/macro-based-malware-increases-along-with-spam-volume-now-drops-bartalex/ https://twitter.com/cyb3rops/status/580485859218190336 http://t.co/o2lveWUMpc http://digital-forensics.sans.org/blog/2015/03/24/hide-from-browser-forensics https://twitter.com/cyb3rops/status/580328627268661248 https://twitter.com/cyb3rops/status/580108004957270017 http://t.co/oeYHw88Jef http://www.malwaretech.com/2015/03/code-mutation-polymorphism.html 
https://twitter.com/cyb3rops/status/580015101417295872 https://t.co/fUK7AjgFhH https://macaroni-project.org/ https://twitter.com/cyb3rops/status/579177986227900416 http://t.co/wb2srRhfjf http://blog.malwarebytes.org/fraud-scam/2015/03/scams-pups-target-would-be-whatsapp-voice-users/ https://twitter.com/cyb3rops/status/578949356574900224 http://t.co/RDyGQhUVuK http://blog.malwarebytes.org/exploits-2/2015/03/nuclear-ek-leverages-recently-patched-flash-vulnerability/ https://twitter.com/cyb3rops/status/578948839106838528 http://t.co/C5Vv5ci2J7 http://research.zscaler.com/2015/03/njrat-h-worm-variant-infections.html?m=1 https://twitter.com/cyb3rops/status/578677909684113409 http://t.co/hnoKBdS4eC http://phishme.com/the-return-of-njrat/ https://twitter.com/cyb3rops/status/578563157200920576 https://t.co/o5qhNotcBA https://github.com/angea/PDF101/blob/master/presentations/troopers15/Albertini%2BPfeifle%20-%20Advanced%20PDF%20Tricks.pdf?raw=1 https://twitter.com/cyb3rops/status/578533000448716800 https://t.co/Vkp6dQyTEi https://github.com/angea/PDF101 https://twitter.com/cyb3rops/status/578461092063653888 http://t.co/Smm0oBQxOH http://blog.trendmicro.com/trendlabs-security-intelligence/operation-woolen-goldfish-when-kittens-go-phishing/ https://twitter.com/cyb3rops/status/578333630646382592 http://t.co/aqpSJ7XVAX http://blog.trendmicro.com/trendlabs-security-intelligence/beware-the-insert-and-link-feature-in-microsoft-office/ https://twitter.com/cyb3rops/status/578333492104282112 http://t.co/CruGod2QQr http://phishme.com/dridex-code-breaking-modify-the-malware-to-bypass-the-vm-bypass/ https://twitter.com/cyb3rops/status/578086807931219969 http://t.co/U2yd1DNR6Z http://www.fireeye.com/blog/threat-research/2015/03/freak_out_on_mobile.html https://twitter.com/cyb3rops/status/577946429555122177 https://t.co/IYI878yMml https://news.ycombinator.com/item?id=9217022 https://twitter.com/cyb3rops/status/577848140310654976 http://t.co/FK1JAEtGfw 
http://www.theregister.co.uk/2015/03/17/blackberry_joins_the_freak_show/ https://twitter.com/cyb3rops/status/577585595041607680 https://t.co/6fxcSsPPEt https://blog.gdatasoftware.com/blog/article/casper-the-newest-member-of-the-cartoon-malware-family.html https://twitter.com/cyb3rops/status/577585089158217728 http://t.co/mZRajRik0m http://securityintelligence.com/analyzing-queries-on-a-honeypot-name-server-for-better-dns-log-quality/ https://twitter.com/cyb3rops/status/577494726737309697 https://t.co/DKTQ7VhVfF http://t.co/NTxqwJ5cIK https://t.co/uIN3W2d94C https://www.virustotal.com/en/file/90331f8fe72fe7ecbfa2757e99ac452bf509db803f39ed9502caabe6f39cbd98/analysis/ http://pastebin.com/KGC34VBF https://github.com/Neo23x0/Loki/blob/master/signatures/generic_anomalies.yar#L41 https://twitter.com/cyb3rops/status/577484396967673856 https://t.co/LDf5r5ABIY https://blog.gdatasoftware.com/blog/article/the-andromedagamarue-botnet-is-on-the-rise-again.html https://twitter.com/cyb3rops/status/577440375503233024 https://t.co/Lz6t1EWlll https://github.com/Neo23x0/Loki/blob/master/signatures/apt_snowglobe_babar.yar https://twitter.com/cyb3rops/status/577133103526862848 http://t.co/EWfKqiLtNa http://www.techspot.com/article/896-secure-email-and-cloud-storage-services/ https://twitter.com/cyb3rops/status/576710052704333824 https://t.co/XmUmdonom4 https://www.virustotal.com/en/file/4cfce7e1f032d0730c600fe75c294beb9d0648dfe5a05773ae72551e4e7d3017/analysis/ https://twitter.com/cyb3rops/status/576436311403442176 http://t.co/pZREQwNAEC http://www.theverge.com/2015/3/13/8208413/uk-nuclear-weapons-russia-traffic-redirect https://twitter.com/cyb3rops/status/576435376899928064 http://t.co/UVWh3AbbMQ http://blog.trendmicro.com/trendlabs-security-intelligence/bypassing-aslr-with-cve-2015-0071-an-out-of-bounds-read-vulnerability/ https://twitter.com/cyb3rops/status/576340964173807616 http://t.co/HoPtdXZrtD 
http://blog.trendmicro.com/trendlabs-security-intelligence/investigating-and-detecting-command-and-control-servers/ https://twitter.com/cyb3rops/status/576132123368751105 http://t.co/JIjMg0Jnjg http://securityintelligence.com/how-safe-is-your-os-and-web-browser-combination-against-the-most-prevalent-malware-strains/#.VQIDf6mCPCQ https://twitter.com/cyb3rops/status/576120475774017537 http://t.co/YhnQDiTsKN http://blog.malwarebytes.org/fraud-scam/2015/03/new-facebook-worm-variant-leverages-multiple-cloud-services/ https://twitter.com/cyb3rops/status/576025419566166016 https://t.co/LK5J0R7Omx https://www.bsk-consulting.de/2015/03/10/apt-detection-is-about-metadata/ https://twitter.com/cyb3rops/status/575924255558397952 https://t.co/qNEChtMjQj https://t.co/qogs6CRjqT https://github.com/Neo23x0/Loki/blob/master/signatures/spy_equation_fiveeyes.yar#L356 https://www.virustotal.com/en/file/26215bc56dc31d2466d72f1f4e1b6388e62606e9949bc41c28968fcb9a9d60a6/analysis/ https://twitter.com/cyb3rops/status/575754658230177792 http://t.co/da6o5NocAO http://blog.didierstevens.com/2015/03/11/vba-maldoc-we-dont-want-no-stinkin-sandboxvirtual-pc https://twitter.com/cyb3rops/status/575754388951724033 http://t.co/v20gR3dqR8 http://blog.sucuri.net/2015/03/inverted-wordpress-trojan.html https://twitter.com/cyb3rops/status/575703755716444160 https://t.co/iQYtRJMaDg https://github.com/Neo23x0/Loki/blob/master/signatures/spy_equation_fiveeyes.yar#L354 https://twitter.com/cyb3rops/status/575668035341651968 http://t.co/7jvudGeXjX http://ow.ly/Kciup https://twitter.com/cyb3rops/status/575570956640501760 http://t.co/eKqvT4w9mn http://www.theregister.co.uk/2015/03/10/elastic_search_vuln/ https://twitter.com/cyb3rops/status/575432013928402944 http://t.co/kb6EaArvG2 http://krebsonsecurity.com/2015/03/microsoft-fixes-stuxnet-bug-again/ https://twitter.com/cyb3rops/status/575414412863016962 https://t.co/JE0bPkukch https://firstlook.org/theintercept/2015/03/10/ispy-cia-campaign-steal-apples-secrets/ 
https://twitter.com/cyb3rops/status/575282780139036672 https://t.co/UqAR9sxWDe https://t.co/qdwEirKKFM https://www.hybrid-analysis.com/search?query=vxfamily%3AGen:Variant.Zusy https://www.hybrid-analysis.com/search?query=host%3A210.59.2.20 https://twitter.com/cyb3rops/status/575204575734579200 https://twitter.com/cyb3rops/status/574989540986916865 https://t.co/FB8FxyxJdU https://www.nccgroup.com/en/blog/2015/03/derusbi-a-case-study-in-rapid-capability-development/ https://twitter.com/cyb3rops/status/574966830730706944 https://t.co/81foM1FkRx https://t.co/ODEMOd500K https://www.virustotal.com/en/file/7d1e5c4afb1682087d86e793b3fc5a8371dc7c28e27e7196e3b258934f6bafb5/analysis/ https://github.com/Neo23x0/Loki/blob/master/signatures/apt_snowglow_babar.yar https://twitter.com/cyb3rops/status/574357179479814144 https://twitter.com/cyb3rops/status/574011588463751170 https://t.co/HctehEtsN1 https://nakedsecurity.sophos.com/2015/03/06/from-the-labs-new-developments-in-microsoft-office-malware/?utm_source=Naked%2520Security%2520-%2520Feed&utm_medium=feed&utm_content=rss2&utm_campaign=Feed&utm_reader=feedly https://twitter.com/cyb3rops/status/574011189761540097 http://t.co/osgIPxdVx9 http://blog.trendmicro.com/trendlabs-security-intelligence/zero-day-vulnerability-found-in-mongodb-administration-tool-phpmoadmin/ https://twitter.com/cyb3rops/status/573898146515914753 http://t.co/McRBhWC5Ar http://securityintelligence.com/wordpress-ghost-vulnerability/ https://twitter.com/cyb3rops/status/573897801106604032 https://t.co/0LeuCyMOcb https://www.f-secure.com/weblog/archives/00002795.html https://twitter.com/cyb3rops/status/573790908136583169 https://twitter.com/cyb3rops/status/573774238840135680 https://t.co/sfu0uHocTv https://github.com/Neo23x0/Loki/blob/master/signatures/apt_casper.yar https://twitter.com/cyb3rops/status/573627812684369924 http://t.co/vEpceezdPm http://itsecurityguru.org/darkhotel-carbanak-data-set-link-discovered/#.VPjoGxa9LCQ 
https://twitter.com/cyb3rops/status/573604456807415808 https://t.co/sfu0uHocTv http://t.co/AW052W5pIW https://github.com/Neo23x0/Loki/blob/master/signatures/apt_casper.yar http://www.welivesecurity.com/2015/03/05/casper-malware-babar-bunny-another-espionage-cartoon/ https://twitter.com/cyb3rops/status/573257391162171392 http://t.co/aWLkrLyhgN http://blog.trendmicro.com/trendlabs-security-intelligence/pwnpos-old-undetected-pos-malware-still-causing-havoc/ https://twitter.com/cyb3rops/status/573257158613188609 http://t.co/oTzQAH5saM http://malware.dontneedcoffee.com/2015/03/cryptofortress-teeraca-aka.html https://twitter.com/cyb3rops/status/573256817024864258 http://t.co/AbVrgRI8qG http://phishme.com/decoding-zeus-disguised-as-an-rtf-file/ https://twitter.com/cyb3rops/status/573256065455919104 https://t.co/Z8g5jIhvZu https://www.f-secure.com/weblog/archives/00002793.html https://twitter.com/cyb3rops/status/573166498367348736 http://t.co/72IoKUWnvi http://threatpost.com/domain-shadowing-latest-angler-exploit-kit-evasion-technique/111396 https://twitter.com/cyb3rops/status/572785923676626944 https://t.co/uRetdU7BTp https://www.rackspace.com/blog/exploit-kits-and-cryptowall-3-0/ https://twitter.com/cyb3rops/status/572505119876653056 http://t.co/5Uks1ei1He http://www.fireeye.com/blog/threat-research/2015/03/ads_gone_bad.html https://twitter.com/cyb3rops/status/572439126282252288 https://t.co/GCw1hZeM8A https://www.virusbtn.com/virusbulletin/archive/2015/02/vb201502-Caphaw https://twitter.com/cyb3rops/status/571975079812333568 https://t.co/ZGqZ3wWQpn https://www.youtube.com/watch?v=vXr-2hwTk58 https://twitter.com/cyb3rops/status/571964959971794944 https://twitter.com/cyb3rops/status/571623222749368320 https://t.co/EZwGpKq30Q https://www.fireeye.com/blog/threat-research/2015/02/angler_exploit_kitu.html https://twitter.com/cyb3rops/status/571099525420589056 http://t.co/h8uBWzo091 http://pastebin.com/f0zFCqVN https://twitter.com/cyb3rops/status/571026085347004417 
http://t.co/Bvopfs91zy http://blog.sucuri.net/2015/02/malware-cleanup-to-arbitrary-file-upload-in-gravity-forms.html https://twitter.com/cyb3rops/status/570925634328907776 http://t.co/0z9I9oFlix http://t.co/GAw82ORpLk http://pastebin.com/fMkHri93 http://blogs.cisco.com/security/talos/malicious-pngs https://twitter.com/cyb3rops/status/570910342638903297 https://t.co/SRQhYERwx7 https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--FHS-Null-Byte-Attack-(CVE-2014-6287)-Attempts-to-Install-DDoS-Malware-(Iptablex)/ https://twitter.com/cyb3rops/status/570910161281392640 http://t.co/V2oM6wm2NI http://krebsonsecurity.com/2015/02/webnic-registrar-blamed-for-hijack-of-lenovo-google-domains/ https://twitter.com/cyb3rops/status/570858269343932416 http://t.co/AX9TOlXExB http://electrospaces.blogspot.gr/2015/02/nsa-and-gchq-stealing-sim-card-keys-few.html?m=1 https://twitter.com/cyb3rops/status/570703798961881088 http://t.co/32ifbzcfvc http://blog.trendmicro.com/trendlabs-security-intelligence/2014-spam-landscape-upatre-trojan-still-top-malware-attached-to-spam/ https://twitter.com/cyb3rops/status/570625269259755520 http://t.co/92ARH40ONW http://phishme.com/dridex-password-bypass-extracting-macros-and-rot13/ https://twitter.com/cyb3rops/status/570124998830120960 http://t.co/nUwQ33mRhr http://pwc.blogs.com/cyber_security_updates/2015/02/my-entry.html https://twitter.com/cyb3rops/status/568887950181851138 http://t.co/8kglVwZ4qA http://pastebin.com/Zmi8jP61 https://twitter.com/cyb3rops/status/568789631485005824 https://t.co/rRsMPoj9Jn https://threatpost.com/costin-raiu-on-the-equation-group-apt/111169 https://twitter.com/cyb3rops/status/568472426805370881 http://t.co/bED0DEywXJ http://blog.erratasec.com/2015/02/extracting-superfish-certificate.html https://twitter.com/cyb3rops/status/568472329384284162 https://t.co/95GHnLjg9f https://blog.gdatasoftware.com/blog/article/babar-espionage-software-finally-found-and-put-under-the-microscope.html 
https://twitter.com/cyb3rops/status/568393584568893441 https://t.co/VI65YE7Hz4 http://t.co/lokKLfhLcx https://malwr.com/analysis/ZjUzZDNkNTdjMmRjNDRkNzkwZmYwYmQwMjgyZTA3Y2U/ http://pastebin.com/iPUF8sdW https://twitter.com/cyb3rops/status/568327844432089088 http://t.co/OZJFxiKhr9 http://pastebin.com/CjV812Gk https://twitter.com/cyb3rops/status/568164424667811840 https://t.co/95GHnLjg9f https://blog.gdatasoftware.com/blog/article/babar-espionage-software-finally-found-and-put-under-the-microscope.html https://twitter.com/cyb3rops/status/568057609678401536 http://t.co/FYYiwMZf0m http://motherboard.vice.com/read/meet-babar-a-new-malware-almost-certainly-created-by-france https://twitter.com/cyb3rops/status/568056064052228096 http://t.co/8kglVwZ4qA http://pastebin.com/Zmi8jP61 https://twitter.com/cyb3rops/status/567989740965912576 http://t.co/Ky6Dxlg4dF http://goo.gl/0EnGyJ https://twitter.com/cyb3rops/status/567768238671794176 https://t.co/T9SoCcb1TQ https://securelist.com/blog/research/68817/the-desert-falcons-targeted-attacks/ https://twitter.com/cyb3rops/status/567744949891137536 http://t.co/Lc5Rt6jNi0 http://arstechnica.com/security/2015/02/how-omnipotent-hackers-tied-to-the-nsa-hid-for-14-years-and-were-found-at-last/ https://twitter.com/cyb3rops/status/567693352649629696 https://t.co/mgQvAYlB7V https://www.f-secure.com/weblog/archives/00002791.html https://twitter.com/cyb3rops/status/567692630533107713 http://t.co/vjTzJqI9aa http://hackaday.com/2015/02/14/reverse-engineering-apples-lightning-connector/ https://twitter.com/cyb3rops/status/567598441908690945 http://t.co/WfpgUjbMXH http://contagiodump.blogspot.de/2015/02/equation-samples-from-kaspersky-report.html https://twitter.com/cyb3rops/status/567593137003319296 http://t.co/pMgDZU2KVJ http://blog.trendmicro.com/trendlabs-security-intelligence/banking-malware-vawtrak-now-uses-malicious-macros-abuses-windows-powershell/ https://twitter.com/cyb3rops/status/567573656977817600 http://t.co/HAey8IXBzV 
http://ift.tt/1Binh58 https://twitter.com/cyb3rops/status/567479407632461825 https://t.co/H0CNN5IV5w https://securelist.com/files/2015/02/Equation_group_questions_and_answers.pdf https://twitter.com/cyb3rops/status/567451528483852288 http://t.co/kKzh8uqjxe https://t.co/iVDVnoPEiD http://pastebin.com/P0Fb9DPb https://www.dropbox.com/s/latggdox9s3xv4t/Equation_x86_x64.zip?dl=0 https://twitter.com/cyb3rops/status/566237308282994688 http://t.co/nWylHxccrr http://blog.malwarebytes.org/fraud-scam/2015/02/amazon-notice-ticket-number-phish-seeks-card-details/ https://twitter.com/cyb3rops/status/566013097710981120 http://t.co/sG4QA4uszB http://blogs.technet.com/b/mmpc/archive/2015/02/11/microsoft-steps-up-in-industry-efforts-on-mitigating-false-positives.aspx https://twitter.com/cyb3rops/status/565941079800049664 http://t.co/ZM1uKm7nUI http://www.malwaretech.com/2015/02/rig-exploit-kit-possible-source-code.html https://twitter.com/cyb3rops/status/565940740891897857 http://t.co/URUGjWLLYz http://blog.trendmicro.com/trendlabs-security-intelligence/ctb-locker-ransomware-spoofs-chrome-and-facebook-emails-as-lures-linked-to-phishing/ https://twitter.com/cyb3rops/status/565553797351895040 http://t.co/CtVKHxSLco http://research.zscaler.com/2015/02/ongoing-angler-exploit-kit-and-bedep.html?m=1 https://twitter.com/cyb3rops/status/565553627985874946 http://t.co/bpBFfzfPfR http://malware.dontneedcoffee.com/2015/02/cve-2015-0313-flash-up-to-1600296-and.html?m=1 https://twitter.com/cyb3rops/status/565157657531936768 https://twitter.com/cyb3rops/status/565136382239469569 https://t.co/Ki7yDHaVEr https://github.com/plusvic/yara/releases/tag/v3.3.0 https://twitter.com/cyb3rops/status/564919910623895553 https://t.co/cvssuSs8DQ https://www.binarydefense.com/bds/active-phishing-campaign-with-powershell-injection/ https://twitter.com/cyb3rops/status/564844985330458624 http://t.co/BwC8KnOrcB https://t.co/OK14oQ2Ope http://pastebin.com/gFhtnmF1 
https://krebsonsecurity.com/2015/02/anthem-breach-may-have-started-in-april-2014/#more-29825 https://twitter.com/cyb3rops/status/564828532875227136 https://t.co/b4UHrrOrgU https://www.f-secure.com/weblog/archives/00002788.html https://twitter.com/cyb3rops/status/564827883190099968 http://t.co/MOgKNm7lwV http://krebsonsecurity.com/2015/02/anthem-breach-may-have-started-in-april-2014/ https://twitter.com/cyb3rops/status/564759844826406912 https://t.co/9MI11M4sQe https://github.com/hillu/go-yara https://twitter.com/cyb3rops/status/564543788757319680 http://t.co/7T82shCoJj http://bot24.blogspot.com/2015/02/responder-windows-version.html https://twitter.com/cyb3rops/status/564453413191417856 http://t.co/FfEYorfsPL http://krebsonsecurity.com/2015/02/china-to-blame-in-anthem-hack/ https://twitter.com/cyb3rops/status/564422333356847104 https://twitter.com/cyb3rops/status/564412784545644544 http://t.co/RyRst0klh4 http://pastebin.com/AaZByLKk https://twitter.com/cyb3rops/status/564112877611941889 http://t.co/tsLieIxFS2 http://t.co/lkUrThFlOm http://Hybrid-Analysis.com http://payload-security.blogspot.de/2015/02/the-evolution-of-vxstream-sandbox-and.html?m=1 https://twitter.com/cyb3rops/status/563639689358610432 http://t.co/Kl0KSPiFEQ http://aptnotes.malwareconfig.com/ https://twitter.com/cyb3rops/status/563625367614025728 https://t.co/A6nnVVE9t7 https://www.hybrid-analysis.com/sample/533b6d52d49acbba2de30d6a73fea1711b121c6bc0c2d9201375a61cafd3ee59/ https://twitter.com/cyb3rops/status/563435241923416065 https://t.co/RrrDmz8hfr https://forsec.nl/2015/02/windows-credentials-phishing-using-metasploit/ https://twitter.com/cyb3rops/status/563434781078487040 http://t.co/g59hHa8Zjf http://www.fireeye.com/blog/threat-research/2015/02/anatomy_of_a_brutef.html https://twitter.com/cyb3rops/status/563434034286833664 http://t.co/42eKIaAf0G http://community.websense.com/blogs/securitylabs/archive/2015/02/05/angler-exploit-kit-operating-at-the-cutting-edge.aspx 
https://twitter.com/cyb3rops/status/562864731833511937 http://t.co/3Zce6A51BW http://blog.malwarebytes.org/exploits-2/2015/02/hanjuan-ek-fires-third-flash-player-0day/ https://twitter.com/cyb3rops/status/562724119645810688 http://t.co/saD8GLKdfa http://blog.trendmicro.com/trendlabs-security-intelligence/a-closer-look-at-the-exploit-kit-in-cve-2015-0313-attack/ https://twitter.com/cyb3rops/status/562698570546282496 http://t.co/pcWUTmiMmr http://blog.sucuri.net/2015/02/creative-evasion-technique-against-website-firewalls.html https://twitter.com/cyb3rops/status/561535722331856898 http://t.co/BbSepsNgsY http://research.zscaler.com/2015/01/exploit-kits-anatomy-of-sliverlight.html?m=1 https://twitter.com/cyb3rops/status/561225733868367872 http://t.co/pTAAIWXTHg http://pwc.blogs.com/cyber_security_updates/2015/01/flash-alert-on-dridex-phishing-campaigns.html https://twitter.com/cyb3rops/status/561225548685647872 http://t.co/lLksWG4vGr http://blog.trendmicro.com/trendlabs-security-intelligence/new-dyre-variant-hijacks-microsoft-outlook-expands-targeted-banks/ https://twitter.com/cyb3rops/status/560884827696939009 https://twitter.com/cyb3rops/status/560522373049647106 http://t.co/ohx6iVA3DX http://digital-forensics.sans.org/blog/2015/01/28/whats-new-in-windows-application-execution https://twitter.com/cyb3rops/status/560345340424257536 http://t.co/pwHcgOfd0l http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2015-0016-escaping-the-internet-explorer-sandbox/ https://twitter.com/cyb3rops/status/560197955488337921 http://t.co/LwrjrzRfDo http://product.reverb.com/2015/01/28/patching-cve-2015-0235-aka-ghost-2/ https://twitter.com/cyb3rops/status/560047221216141312 https://t.co/yx6IQwNm3u https://securelist.com/blog/research/68525/comparing-the-regin-module-50251-and-the-qwerty-keylogger/ https://twitter.com/cyb3rops/status/559734931363213314 http://t.co/BmzBLMA0TJ 
http://blog.trendmicro.com/trendlabs-security-intelligence/analyzing-cve-2015-0311-flash-zero-day-vulnerability/ https://twitter.com/cyb3rops/status/559734814082097152 http://t.co/5pBGSVBhh6 http://www.darknet.org.uk/2015/01/oat-oracle-auditing-tools-database-security/ https://twitter.com/cyb3rops/status/559703344001073153 https://t.co/a7IzFvgwWv https://mises.org/library/new-liberty/0 https://twitter.com/cyb3rops/status/559702798364057600 http://t.co/rF35OaAXrl http://t.co/lCxg9YZ2dW http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/waterbug-attack-group.pdf http://pastebin.com/p8gbvBhE https://twitter.com/cyb3rops/status/559646445884960769 http://t.co/rF35OaAXrl http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/waterbug-attack-group.pdf https://twitter.com/cyb3rops/status/558964765230645249 https://t.co/6GI4QPZxLu https://github.com/jlund/streisand https://twitter.com/cyb3rops/status/558660549878513665 https://t.co/SCJjpiNh95 https://ciphershed.org/ https://twitter.com/cyb3rops/status/558559972368592896 http://t.co/wyJDkbHiKC http://securelist.com/blog/research/68438/an-analysis-of-regins-hopscotch-and-legspin/ https://twitter.com/cyb3rops/status/558524493921288192 http://t.co/flh7C0Gjw3 http://www.symantec.com/connect/blogs/scarab-attackers-took-aim-select-russian-targets-2012 https://twitter.com/cyb3rops/status/558280817244643328 https://t.co/0cpVAHnplr https://www.bluecoat.com/security-blog/2015-01-20/reversing-inception-apt-malware https://twitter.com/cyb3rops/status/558214237840240640 https://t.co/iWGyI9GJtt https://securelist.com/blog/research/68438/an-analysis-of-regins-hopscotch-and-legspin/ https://twitter.com/cyb3rops/status/558159291182751744 http://t.co/Pr1Zzbpb3X http://blog.didierstevens.com/2015/01/22/converting-peid-signatures-to-yara-rules/ https://twitter.com/cyb3rops/status/557639057350856704 https://t.co/bjs71DDjle 
https://isc.sans.edu/diary/Finding+Privilege+Escalation+Flaws+in+Linux/19207 https://twitter.com/cyb3rops/status/557421295798079488 http://t.co/3k27b7NLAz http://technet.microsoft.com/en-us/sysinternals/dn798348 https://twitter.com/cyb3rops/status/557419387452657664 http://t.co/CejxSNU765 http://pwc.blogs.com/cyber_security_updates/2015/01/destructive-malware.html https://twitter.com/cyb3rops/status/557275746671263745 https://t.co/YON4WKuvkK https://github.com/Neo23x0/Loki https://twitter.com/cyb3rops/status/557220086856290304 http://t.co/O9ns9RG4VY http://pastebin.com/KsNVHqYr https://twitter.com/cyb3rops/status/556770231482609666 http://t.co/O9ns9RG4VY http://t.co/WSCDtqC96d http://pastebin.com/KsNVHqYr http://www.spiegel.de/media/media-35668.pdf https://twitter.com/cyb3rops/status/556557546518237185 https://t.co/ysgfhzC9UR https://github.com/bwall/HashPump https://twitter.com/cyb3rops/status/556405315567378432 http://t.co/n2LDedemcn http://www.darknet.org.uk/2015/01/openvas-7-released-open-source-vulnerability-scanner/ https://twitter.com/cyb3rops/status/556148827116568578 http://t.co/CpjTHk0nJ1 http://phishme.com/evolution-upatre-dyre/ https://twitter.com/cyb3rops/status/556148488694943744 http://t.co/RHukzm36FE http://blog.didierstevens.com/2015/01/16/update-oledump-py-version-0-0-6 https://twitter.com/cyb3rops/status/556092787025006592 http://t.co/Z19HUqmMKE http://www.moddb.com/mods/the-dawn-of-the-tiberium-age https://twitter.com/cyb3rops/status/556090850795847680 https://twitter.com/cyb3rops/status/556090650811465729 https://t.co/g4yZDqy7eF https://www.hybrid-analysis.com/sample/59f1ddaeca42548744ae303396ac38f8ada7bdbf8888d6628e8f3fdea4a2f109/ https://twitter.com/cyb3rops/status/556051418994708480 https://t.co/jW4SWDKQjm https://www.youtube.com/watch?v=EqG3tR5Zu6E https://twitter.com/cyb3rops/status/555824719388499968 https://twitter.com/cyb3rops/status/555823271166636032 http://t.co/0ogu0kCioj 
http://community.websense.com/blogs/securitylabs/archive/2015/01/15/evolution-of-an-exploit-kit-nuclear-pack.aspx https://twitter.com/cyb3rops/status/555822061244137472 https://twitter.com/cyb3rops/status/555723558371196929 https://t.co/BK8o6QOY9v https://blog.gdatasoftware.com/blog/article/evolution-of-sophisticated-spyware-from-agentbtz-to-comrat.html https://twitter.com/cyb3rops/status/555392423682404352 http://t.co/4mAH0XEcua http://www.darknet.org.uk/2015/01/pwntools-ctf-framework-exploit-development-library/ https://twitter.com/cyb3rops/status/555391801008603136 http://t.co/biwhLAJP0Z http://blog.malwaremustdie.org/2015/01/mmd-0030-2015-new-elf-malware-on.html?m=1 https://twitter.com/cyb3rops/status/555388982268555264 https://twitter.com/cyb3rops/status/555138421988274177 http://t.co/CSVp47PZVT http://blogs.technet.com/b/mmpc/archive/2015/01/13/msrt-january-2015-dyzap.aspx https://twitter.com/cyb3rops/status/554968071585406976 http://t.co/Tv7fpE2wDI http://www.secureworks.com/cyber-threat-intelligence/threats/skeleton-key-malware-analysis/ https://twitter.com/cyb3rops/status/554961543600033792 https://t.co/nFD2JF8gL3 https://github.com/Neo23x0/SkeletonKeyScanner https://twitter.com/cyb3rops/status/554681654372216833 https://t.co/MiGcefF9QT https://firstlook.org/theintercept/2015/01/12/dusty-foggo-scott-horton/ https://twitter.com/cyb3rops/status/554560047414796288 https://twitter.com/cyb3rops/status/554227759493693440 http://t.co/agMM69D9J8 http://malware.dontneedcoffee.com/2015/01/inside-android-lockout-system-aka.html https://twitter.com/cyb3rops/status/554226286688993280 http://t.co/vej4r9CgLB http://www.darknet.org.uk/2015/01/bluescan-bluetooth-device-scanner/ https://twitter.com/cyb3rops/status/553630067335888897 http://t.co/DwDtWvRVtP http://research.zscaler.com/2015/01/chanitor-downloader-actively-installing.html https://twitter.com/cyb3rops/status/553542332419964929 https://t.co/KL7ole7iEj 
https://www.hybrid-analysis.com/sample/4c2efe2f1253b94f16a1cab032f36c7883e4f6c8d9fc17d0ee553b5afb16330c/ https://twitter.com/cyb3rops/status/553521477291479041 https://t.co/s6Ich3Qc0T https://threatpost.com/microsoft-limits-advanced-patch-notifications-to-premier-customers/110294 https://twitter.com/cyb3rops/status/553493870500401152 https://t.co/FblOnhMg6o https://www.hybrid-analysis.com/sample/8bf8de1a1a20c6467b072763ccd112b7007baf79e8baedf0cf491f776e16d562/ https://twitter.com/cyb3rops/status/553311363666567169 http://t.co/nO668p9r7L http://blog.malwarebytes.org/malvertising-2/2015/01/major-malvertising-campaign-hits-sites-with-combined-total-monthly-traffic-of-1-5bn-visitors/ https://twitter.com/cyb3rops/status/553310575091277825 https://t.co/p1gO04c1u3 https://www.fireeye.com/content/fireeye-www/global/en/www/blog/threat-research/2015/01/flare_ida_pro_script.html https://twitter.com/cyb3rops/status/553250194016706560 https://t.co/JGMCLTJalw https://gist.github.com/wxsBSD/019740e83faa7a7206f4 https://twitter.com/cyb3rops/status/552873729525837824 http://t.co/etAwDVXv8W http://blog.sucuri.net/2015/01/website-backdoors-leverage-the-pastebin-service.html https://twitter.com/cyb3rops/status/552462805182742528 https://t.co/yZ0bd6TiiW https://pond.imperialviolet.org/ https://twitter.com/cyb3rops/status/551956989396668417 http://t.co/qGPY297Gld http://ift.tt/1BoiUUf https://twitter.com/cyb3rops/status/549623544662204418 http://t.co/RPpXGrUpu3 http://m.spiegel.de/international/germany/a-1010361.html#spRedirectedFrom=www&referrrer= https://twitter.com/cyb3rops/status/548611131615772674 http://t.co/2mMvlUJPJv http://blog.trendmicro.com/trendlabs-security-intelligence/patches-not-cure-all-for-shellshock/ https://twitter.com/cyb3rops/status/548610044808687616 http://t.co/NbAmJlIKb9 http://blog.sucuri.net/2014/12/new-malware-campaign-wpcache-blogger-affects-thousands-more-wordpress-websites-via-revslider.html https://twitter.com/cyb3rops/status/548609873051914240 
http://t.co/Yehb1SypF8 http://blog.malwarebytes.org/fraud-scam/2014/12/santas-fake-christmas-offers-infect-pcs-with-banking-trojan/ https://twitter.com/cyb3rops/status/547288119536799744 http://t.co/4mDY572iLK http://www.unix-ninja.com/p/A_cheat-sheet_for_password_crackers https://twitter.com/cyb3rops/status/547169121256095745 http://t.co/2brIausk42 http://research.zscaler.com/2014/12/top-security-features-added-to-android.html?m=1 https://twitter.com/cyb3rops/status/547066637195943936 https://t.co/G4CgW8JKbp https://www.fox-it.com/en/press-releases/anunak/ https://twitter.com/cyb3rops/status/546956384273588224 https://t.co/eSlNT1bSWY https://bugzilla.redhat.com/show_bug.cgi?id=1176037 https://twitter.com/cyb3rops/status/546739530741841920 http://t.co/fpdIubz9Aj http://www.threatconnect.com/news/operation-poisoned-helmand/ https://twitter.com/cyb3rops/status/546335607229022208 https://t.co/9SKx5wKXPx https://rhn.redhat.com/errata/RHSA-2014-2025.html https://twitter.com/cyb3rops/status/546327855224086528 http://t.co/a8VNV2wJEQ http://pastebin.com/H5LCC9QL https://twitter.com/cyb3rops/status/546232433407164416 https://t.co/DO4y8zVx5H https://www.us-cert.gov/ncas/alerts/TA14-353A https://twitter.com/cyb3rops/status/546019490946097153 https://t.co/mT9ZDd5Waf https://labs.mwrinfosecurity.com/blog/2014/12/16/digging-into-ms14-068-exploitation-and-defence/ https://twitter.com/cyb3rops/status/545695591528157184 http://t.co/jTUOEKrIC3 http://blog.spiderlabs.com/2014/12/alina-pos-malware-sparks-off-a-new-variant.html https://twitter.com/cyb3rops/status/545334115428741120 http://t.co/7FkXDcPVZ0 http://www.theregister.co.uk/2014/12/17/icann_hacked_admin_access_to_zone_files/ https://twitter.com/cyb3rops/status/544879185962233856 http://t.co/B9pKPmwL0F http://blog.sucuri.net/2014/12/soaksoak-payload-analysis-evolution-of-compromised-sites-ie-11.html https://twitter.com/cyb3rops/status/544878941262327808 http://t.co/E0Opgn5tZc 
http://www.welivesecurity.com/2014/12/16/torrentlocker-racketeering-ransomware-disassembled-by-eset-experts/ https://twitter.com/cyb3rops/status/544850189992083456 http://t.co/D8x1BruMvs http://pastebin.com/wBYCejm5 https://twitter.com/cyb3rops/status/544820542290010113 http://t.co/iRa2XYu5gX http://blog.trendmicro.com/trendlabs-security-intelligence/malware-campaign-targets-south-korean-banks-uses-pinterest-as-cc-channel/ https://twitter.com/cyb3rops/status/544633060617383937 http://t.co/I8CKMBN11p http://www.malwaretech.com/2014/12/ophionlocker-proof-anyone-really-can.html https://twitter.com/cyb3rops/status/544543434342957058 http://t.co/aBM4Rgc6sg http://blog.cybersecurity-airbusds.com/post/2014/12/Vinself https://twitter.com/cyb3rops/status/544540301055246336 http://t.co/608TRVEeo9 http://phishme.com/ms-word-macros-now-social-engineering-malware/ https://twitter.com/cyb3rops/status/543759323844079616 https://t.co/f55eLHdiv4 https://firstlook.org/theintercept/2014/12/13/belgacom-hack-gchq-inside-story/ https://twitter.com/cyb3rops/status/543571676462858240 http://t.co/oOowupX61A http://www.darknet.org.uk/2014/12/oryon-c-portable-open-source-intelligence-osint-framework/ https://twitter.com/cyb3rops/status/543494858032553984 https://twitter.com/cyb3rops/status/543492667859275776 https://t.co/Ts6Fhg3eC4 https://www.virustotal.com/en/file/770b8a9be2743ad5a623805dd539f674944fe7ac8598ebf55daeca9789d50133/analysis/ https://twitter.com/cyb3rops/status/543152708921094144 http://t.co/nIhDpvghj3 http://www.hackinsight.org/news,150.html https://twitter.com/cyb3rops/status/543089614974910464 https://twitter.com/cyb3rops/status/542824578566078465 http://t.co/OcYUsdf63g http://pastebin.com/ZadrPngs https://twitter.com/cyb3rops/status/542798403298922497 https://twitter.com/cyb3rops/status/542451078797594625 http://t.co/M0yL75zzwD http://securelist.com/blog/security-policies/68073/destover-malware-now-digitally-signed-by-sony-certificates/ 
https://twitter.com/cyb3rops/status/542366893408260099 http://t.co/GHl3zAZXJB http://www.cert.pl/news/9484/langswitch_lang/en https://twitter.com/cyb3rops/status/541986454805966849 https://t.co/eaAKAauTZr https://www.hybrid-analysis.com/sample/3ee111cc732be03175676fea2389335ea8605bd04fa54fe783f2e5b6c5ff8a87/ https://twitter.com/cyb3rops/status/541218999707901952 https://twitter.com/cyb3rops/status/540857347489660928 https://twitter.com/cyb3rops/status/540262471064645632 http://t.co/bBRfz3R3IT http://jjjjj.us/EJ https://twitter.com/cyb3rops/status/540225782296363008 http://t.co/HINkQx3jz4 http://blog.virustotal.com/2014/12/a-closer-look-at-mac-os-x-executables.html https://twitter.com/cyb3rops/status/540202156226519040 https://t.co/TQ1BvrEqXk https://securelist.com/blog/opinions/67928/the-art-of-finding-cyber-dinosaur-skeletons/ https://twitter.com/cyb3rops/status/539860307049738242 https://twitter.com/cyb3rops/status/539858278210347009 http://t.co/BlTnn7RFD0 http://pastebin.com/ThDHKQYS https://twitter.com/cyb3rops/status/539855043449856000 https://twitter.com/cyb3rops/status/539850290821087233 http://t.co/hJGmxNlgwv http://www.cylance.com/operation-cleaver/ https://twitter.com/cyb3rops/status/539693991709913088 https://t.co/LlDVBwCzh2 https://www.virustotal.com/en/file/627dc5599c28de3c494496399b39f3aac7049586e72cbdb08bea01bf40166c23/analysis/ https://twitter.com/cyb3rops/status/538970100465139713 http://t.co/MMqMqUnchG http://www.darungrim.org/ https://twitter.com/cyb3rops/status/538756480376537088 https://t.co/rvxU1KvvHV https://github.com/Neo23x0/ReginScanner https://twitter.com/cyb3rops/status/538241144984207361 https://twitter.com/cyb3rops/status/538176228415778816 https://t.co/rvxU1KvvHV https://github.com/Neo23x0/ReginScanner https://twitter.com/cyb3rops/status/538011066203373570 https://t.co/rvxU1KvvHV https://github.com/Neo23x0/ReginScanner https://twitter.com/cyb3rops/status/537907462960324608 http://t.co/x8CDZx2f84 http://pastebin.com/0ZEWvjsC 
https://twitter.com/cyb3rops/status/537595298596810752 http://t.co/jb42Gsq6SE http://pastebin.com/KvE8Ei0R https://twitter.com/cyb3rops/status/537510440742682624 https://twitter.com/cyb3rops/status/537503077683970048 https://twitter.com/cyb3rops/status/537374160524431360 https://twitter.com/cyb3rops/status/537202777421017088 https://t.co/5eeT67msg0 https://www.shellterproject.com/introducing-shellter/ https://twitter.com/cyb3rops/status/537166792637313025 http://t.co/iWJ63ZqxwW http://www.harmj0y.net/blog/powershell/dumping-a-domains-worth-of-passwords-with-mimikatz-pt-2/ https://twitter.com/cyb3rops/status/537149455406235648 https://twitter.com/cyb3rops/status/536974298054156288 https://t.co/m2LthfmIt4 https://firstlook.org/theintercept/2014/11/24/secret-regin-malware-belgacom-nsa-gchq/ https://twitter.com/cyb3rops/status/536905656486596608 http://t.co/RoVPSBaKc9 http://www.wired.com/2014/11/mysteries-of-the-malware-regin/ https://twitter.com/cyb3rops/status/536792687828287488 http://t.co/x8CDZx2f84 http://pastebin.com/0ZEWvjsC https://twitter.com/cyb3rops/status/536656776180289536 https://t.co/0hr5zCdGAj https://www.fireeye.com/blog/threat-research/2014/11/operation_doubletap.html https://twitter.com/cyb3rops/status/536498944000659456 http://t.co/lyrbHGFTKj http://malware.dontneedcoffee.com/2014/11/cve-2014-6332.html https://twitter.com/cyb3rops/status/536496985113915392 https://t.co/BtYF7AC24m https://securelist.com/blog/virus-watch/67699/a-nightmare-on-malware-street/ https://twitter.com/cyb3rops/status/535705370048868352 http://t.co/ijC0E1brZI http://de.slideshare.net/mobile/ASF-WS/asfws-2014-rump-session https://twitter.com/cyb3rops/status/535558333391192064 http://t.co/oOmM5mI9e0 http://0x1338.blogspot.co.at/2014/11/hunting-bunnies.html https://twitter.com/cyb3rops/status/535432194215665664 http://t.co/pFNGMbNot6 http://blog.trendmicro.com/trendlabs-security-intelligence/a-peek-inside-a-pos-scammers-toolbox/ 
https://twitter.com/cyb3rops/status/534790894734802944 http://t.co/yuIqH9dipC http://blogs.technet.com/b/srd/archive/2014/11/18/additional-information-about-cve-2014-6324.aspx https://twitter.com/cyb3rops/status/534585481674358784 http://t.co/pBgN5JbVZs http://contagiodump.blogspot.com/2014/11/alienspy-java-rat-samples-and-traffic.html https://twitter.com/cyb3rops/status/534564445637603328 http://t.co/Ja0XQkUI2k http://ift.tt/1qQFNYy https://twitter.com/cyb3rops/status/534469392088973312 https://twitter.com/cyb3rops/status/534402075648856065 https://twitter.com/cyb3rops/status/533834576926621696 http://t.co/rcXa6b3ODY http://ift.tt/1A1cJG5 https://twitter.com/cyb3rops/status/533421818062073856 http://t.co/vWFneYNHVZ http://research.zscaler.com/2014/11/evolution-of-upatre-trojan-downloader.html?m=1 https://twitter.com/cyb3rops/status/533223695100428288 http://t.co/F8gajyQX4n http://1337day.com/exploit/description/22863 https://twitter.com/cyb3rops/status/533199128034304000 http://t.co/IzJrwMscfj http://emergingthreats.net/daily-ruleset-update-summary-11132014/ https://twitter.com/cyb3rops/status/532894168931389440 http://t.co/Iq0iDooP0d http://www.symantec.com/connect/blogs/operation-cloudyomega-ichitaro-zero-day-and-ongoing-cyberespionage-campaign-targeting-japan https://twitter.com/cyb3rops/status/532509704560586752 https://t.co/XGSk4JWbaO https://blog.gdatasoftware.com/blog/article/the-uroburos-case-new-sophisticated-rat-identified.html https://twitter.com/cyb3rops/status/531819435494232064 https://t.co/BztguHmtKw https://github.com/plusvic/yara/releases/tag/v3.2.0 https://twitter.com/cyb3rops/status/531774853259743233 https://t.co/VngxFHdZdY https://securelist.com/blog/research/66779/the-darkhotel-apt/ https://twitter.com/cyb3rops/status/530542581151989760 http://t.co/J3tZeJQwuV http://ift.tt/10BXbJL https://twitter.com/cyb3rops/status/530256325771812864 https://t.co/aAlCzuJdeL https://github.com/PaloAltoNetworks-BD/WireLurkerDetector 
https://twitter.com/cyb3rops/status/530105872572489728 http://t.co/cOkPPNSp0M http://blog.sucuri.net/2014/11/malicious-injector-in-swf-adobe-flash-file.html https://twitter.com/cyb3rops/status/530104494680707072 http://t.co/x3lCrmFM4g http://www.fireeye.com/blog/technical/2014/11/operation-poisoned-handover-unveiling-ties-between-apt-activity-in-hong-kongs-pro-democracy-movement.html https://twitter.com/cyb3rops/status/529949109323853824 http://t.co/Jlytql84ax http://www.sophos.com/en-us/medialibrary/PDFs/technical%20papers/sophos-rotten-tomato-campaign.pdf https://twitter.com/cyb3rops/status/528961476233809922 http://t.co/7yZ3X4q2rc http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2014-4115-analysis-malicious-usb-disks-allow-for-possible-whole-system-control/ https://twitter.com/cyb3rops/status/528633448962228225 https://twitter.com/cyb3rops/status/528392235214462976 https://t.co/nut1hCqIhE https://public.gdatasoftware.com/Presse/Publikationen/Whitepaper/EN/GDATA_TooHash_CaseStudy_102014_EN_v1.pdf https://twitter.com/cyb3rops/status/528235575477030912 https://t.co/SXdw0K5PRO https://blog.malwarebytes.org/exploits-2/2014/10/exposing-the-flash-eitest-malware-campaign/ https://twitter.com/cyb3rops/status/527816238924582912 https://t.co/EdLXnmtHef https://ics-cert.us-cert.gov/alerts/ICS-ALERT-14-281-01A https://twitter.com/cyb3rops/status/526897714223931392 http://t.co/yoeAK6f1Dn http://www.netresec.com/?page=Blog&month=2014-10&post=Full-Disclosure-of-Havex-Trojans https://twitter.com/cyb3rops/status/524567150774980608 http://t.co/uqi7Xp70J2 http://pwc.blogs.com/cyber_security_updates/2014/10/orcarat-a-whale-of-a-tale.html https://twitter.com/cyb3rops/status/520940998688800769 http://t.co/ckZ76jY3SV http://researchcenter.paloaltonetworks.com/2014/09/recent-watering-hole-attacks-attributed-apt-group-th3bug-using-poison-ivy/ https://twitter.com/cyb3rops/status/520750165805002752 http://t.co/hwhEZwOVek http://matasano.com/research/PEST-CONTROL.pdf 
https://twitter.com/cyb3rops/status/520560083147960320 http://t.co/WxWwb3JC7h http://www.volexity.com/blog/?p=33 https://twitter.com/cyb3rops/status/520191492095496192 https://twitter.com/cyb3rops/status/519124179342602240 http://t.co/ikAlKWUS8L http://researchcenter.paloaltonetworks.com/2014/10/new-indicators-compromise-apt-group-nitro-uncovered/ https://twitter.com/cyb3rops/status/518493967940595712 https://twitter.com/cyb3rops/status/518484752899518464 https://twitter.com/cyb3rops/status/518395994321743874 http://t.co/mVkhT1LzrN http://www.bsk-consulting.de/2014/10/04/smart-dll-execution-malware-analysis-sandbox-systems/ https://twitter.com/cyb3rops/status/517657911859093504 https://twitter.com/cyb3rops/status/517653777764339712 https://twitter.com/cyb3rops/status/517651571275218944 http://t.co/7xI5iXueF8 http://ift.tt/1rMgRoI https://twitter.com/cyb3rops/status/517647422752043008 https://twitter.com/cyb3rops/status/517030221649043456 https://twitter.com/cyb3rops/status/515801861086248960 http://t.co/g72HRkhZXT http://rubular.com/r/zxBfjWfFYs https://twitter.com/cyb3rops/status/515799341676888067 https://t.co/xZqiIWG7ni https://gist.github.com/wilkinson/9fedbacb6917c9cf6e36 https://twitter.com/cyb3rops/status/515564281052823552 http://t.co/JH296YbrHw http://rubular.com/r/A4OXJPOu1Z https://twitter.com/cyb3rops/status/515468901652914176 https://t.co/AhUPcSQUZi https://gist.github.com/anonymous/929d622f3b36b00c0be1 https://twitter.com/cyb3rops/status/515453464403775488 http://t.co/JH296YbrHw http://rubular.com/r/A4OXJPOu1Z https://twitter.com/cyb3rops/status/515449353910353922 https://twitter.com/cyb3rops/status/515445605217615872 https://twitter.com/cyb3rops/status/514463474341404674 http://t.co/QrIRtMB1Et http://goo.gl/zoe7vU https://twitter.com/cyb3rops/status/513335620140564480 https://twitter.com/cyb3rops/status/508396774944694273 http://t.co/LsZXG9E0fE http://t.co/rOq4NWHFiL 
http://www.opswat.com/blog/sustained-spear-phishing-attack-breaches-more-300-companies http://pastebin.com/EXPHUjAW https://twitter.com/cyb3rops/status/507838978184445952 http://t.co/TnoJXDrA2H http://www.fireeye.com/blog/technical/botnet-activities-research/2014/09/darwins-favorite-apt-group-2.html https://twitter.com/cyb3rops/status/507521993596731392 http://t.co/RBJNnCrw1B http://blog.9bplus.com/watching-attackers-through-virustotal/ https://twitter.com/cyb3rops/status/505080942965579776 http://t.co/8bq7xpsLvd http://www.bsk-consulting.de/2014/08/28/scan-system-files-manipulations-yara-inverse-matching-22/ https://twitter.com/cyb3rops/status/504975282861006848 http://t.co/loxhE6P2DQ http://blog.trendmicro.com/trendlabs-security-intelligence/netis-routers-leave-wide-open-backdoor/ https://twitter.com/cyb3rops/status/504241205325357056 https://t.co/QZ6aCVNQeZ https://github.com/plusvic/yara/releases/tag/v3.1.0 https://twitter.com/cyb3rops/status/502959423477002240 https://t.co/tjHTERt5fe https://www.us-cert.gov/ncas/alerts/TA14-212A https://twitter.com/cyb3rops/status/502741321841639424 http://t.co/dQ8OI4j4dJ http://yara.readthedocs.org/en/latest/modules.html https://twitter.com/cyb3rops/status/502473731311427584 http://t.co/lshJ4adp6z http://pastebin.com/rufy9rdT https://twitter.com/cyb3rops/status/502421234282659841 https://twitter.com/cyb3rops/status/502346596647190528 https://twitter.com/cyb3rops/status/502055770100600832 https://t.co/fj2CR50kXe https://github.com/blacktop/language-yara https://twitter.com/cyb3rops/status/501332420860600320 http://t.co/e7t8UPvdcN http://www.pacs-portal.co.uk/startup_search.php https://twitter.com/cyb3rops/status/500617002755850240 http://t.co/PUr1jSbjPb http://urlquery.net/report.php?id=1408190762321 https://twitter.com/cyb3rops/status/500549044117458944 https://t.co/aRtSCrgW7o https://github.com/STIXProject/openioc-to-stix https://twitter.com/cyb3rops/status/500281412399149056 
https://twitter.com/cyb3rops/status/499541706921213952 https://t.co/k00o73zfF7 https://github.com/plusvic/yara/releases/tag/v3.0.0 https://twitter.com/cyb3rops/status/497730047865024512 http://t.co/3k27b7f7qv http://technet.microsoft.com/en-us/sysinternals/dn798348 https://twitter.com/cyb3rops/status/497628679225483264 http://t.co/lNa4gI68qY http://www.fireeye.com/blog/technical/targeted-attack/2014/08/operation-poisoned-hurricane.html https://twitter.com/cyb3rops/status/497628483145965568 http://t.co/77FcbxBQqy http://securelist.com/analysis/publications/65545/the-epic-turla-operation/ https://twitter.com/cyb3rops/status/497150614103535616 https://twitter.com/cyb3rops/status/496900390202671104 https://t.co/7lfdOb7Syh https://code.google.com/p/malicious-domain-profiling/wiki/ReadMe https://twitter.com/cyb3rops/status/493757317020913665 https://twitter.com/cyb3rops/status/492590846496505856 http://t.co/QJPBp4mWZ3 http://techanarchy.net/2014/07/dark-comet-campaign/ https://twitter.com/cyb3rops/status/491886958453739520 https://t.co/K6nm7OVrKx https://github.com/MITRECND/yaraprocessor https://twitter.com/cyb3rops/status/491087367193645057 http://t.co/lIxcmbsOVC http://ift.tt/1sCHb5M https://twitter.com/cyb3rops/status/490458575761080320 https://t.co/ngHfSgug7s https://github.com/kbandla/APTnotes https://twitter.com/cyb3rops/status/489330228121317376 http://t.co/USZyCTjVXf http://www.garykessler.net/library/file_sigs.html https://twitter.com/cyb3rops/status/488938306596786176 http://t.co/9evlqHQtRU http://malware.dontneedcoffee.com/2014/07/from-alureonwowliks-to-poweliks-botnet.html https://twitter.com/cyb3rops/status/487598510909702145 http://t.co/78UUHo6W09 http://blog.roberthaist.com/2013/12/restoring-windows-cmd-sessions-from-pagefile-sys-2/ https://twitter.com/cyb3rops/status/487582309034782720 http://t.co/HfpWletHLX http://blog.cassidiancybersecurity.com/post/2014/07/The-Eye-of-the-Tiger2 https://twitter.com/cyb3rops/status/483867518218829824 
http://t.co/yymzsuwijF http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/Dragonfly_Threat_Against_Western_Energy_Suppliers.pdf https://twitter.com/cyb3rops/status/483694773640126465 http://t.co/adFIaELmtU http://www.sophos.com/en-us/medialibrary/pdfs/technical%20papers/plugx-thenextgeneration.pdf https://twitter.com/cyb3rops/status/477022655514955776 https://twitter.com/cyb3rops/status/476623996948324354 http://t.co/ZJNOrB1nVx http://online.wsj.com/article/PR-CO-20140610-907002.html https://twitter.com/cyb3rops/status/476615330874523648 https://twitter.com/cyb3rops/status/476613285689978880 http://t.co/QxhiaMVtEd http://www.crowdstrike.com/sites/default/files/putterpanda.txt https://twitter.com/cyb3rops/status/476609007101431808 http://t.co/uQHOATD2j9 http://pastebin.com/B2jNMrM8 https://twitter.com/cyb3rops/status/476447225128964096 https://twitter.com/cyb3rops/status/476400551576752128 https://t.co/9L2oIQ7ZfQ https://blogs.rsa.com/new-pandemiya-trojan-emerges-alternative-zeus-based-variants/ https://twitter.com/cyb3rops/status/476137345591570433 http://t.co/0jLparHmE4 http://resources.crowdstrike.com/putterpanda/ https://twitter.com/cyb3rops/status/476136597478735872 http://t.co/QxhiaMVtEd http://www.crowdstrike.com/sites/default/files/putterpanda.txt https://twitter.com/cyb3rops/status/475196619349315584 https://twitter.com/cyb3rops/status/473878410641817601 https://twitter.com/cyb3rops/status/473872796981157888 https://twitter.com/cyb3rops/status/473353051588546560 https://twitter.com/cyb3rops/status/473206019146145792 https://t.co/epDoASqhFb https://www.circl.lu/pub/tr-24/ https://twitter.com/cyb3rops/status/471232866144501760 http://t.co/5gyAd4qP9B http://www.bsk-consulting.de/2014/05/27/inverse-yara-signature-matching/ https://twitter.com/cyb3rops/status/470963980870381568 https://twitter.com/cyb3rops/status/469512730370932738 http://t.co/B9NhJz33JR http://zerodayinitiative.com/advisories/ZDI-14-140/ 
https://twitter.com/cyb3rops/status/466950706591961088 http://t.co/WH8NWAxJR6 http://goo.gl/nswyOP https://twitter.com/cyb3rops/status/466361825219837952 https://t.co/YnZkbA1WAY https://technet.microsoft.com/library/security/2871997 https://twitter.com/cyb3rops/status/462148379204911104 http://t.co/Z4ab57fC6H http://pastebin.com/jebp9aUs https://twitter.com/cyb3rops/status/461844426273587201 https://t.co/Ru5UhBBIXo https://docs.google.com/spreadsheet/ccc?key=0AjvsQV3iSLa1dDFfWHduQlA5THBRd081eFhsZThwUlE#gid=0 https://twitter.com/cyb3rops/status/460483496101052416 http://t.co/RH8hPXU6CL http://feedly.com/e/0NNchA2b https://twitter.com/cyb3rops/status/458625039005659136 http://t.co/1bY9QGGtf4 http://www.verizonenterprise.com/DBIR/ https://twitter.com/cyb3rops/status/455708910075518976 http://t.co/uGMkp4nsuO http://blog.malwaremustdie.org/2014/04/when-hacker-gets-hacked-disclosure.html https://twitter.com/cyb3rops/status/452913182978637824 http://t.co/ce1uRKAm9W http://www.decalage.info/en/signsrch2yara https://twitter.com/cyb3rops/status/452911217930436609 http://t.co/VLM1JBNRIa http://files.xakep.biz/exploit_packs/ https://twitter.com/cyb3rops/status/451420658313203712 https://t.co/ayVF3yH6Cd https://malwr.com/analysis/ZmYxMGQ4ZjI2ZmQ4NGU2ZDk1NDgwZmIxNGY1NTFhMmY/ https://twitter.com/cyb3rops/status/448406378731032576 http://t.co/0ZmVzuBVUg http://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295504/ https://twitter.com/cyb3rops/status/442780854293897216 http://t.co/benmrancFP http://info.baesystemsdetica.com/rs/baesystems/images/snake_whitepaper.pdf https://twitter.com/cyb3rops/status/441200079450681344 https://t.co/xoRow7uCda https://github.com/plusvic/yara/releases/tag/2.1.0 https://twitter.com/cyb3rops/status/436506987497799680 http://t.co/LKkcxOcWoc http://www.crowdstrike.com/blog/mo-shells-mo-problems-deep-panda-web-shells/index.html https://twitter.com/cyb3rops/status/435183606232023041 http://t.co/7ehDYuKWIQ http://pastebin.com/xHCbFnMH 
https://twitter.com/cyb3rops/status/433159406055096320 http://t.co/WRL2cML9sO http://pastebin.com/MmnzcSiY https://twitter.com/cyb3rops/status/432814387473428480 http://t.co/xKHdS8YPCc http://pastebin.com/HmV7cmbD https://twitter.com/cyb3rops/status/432640572554510336 https://t.co/PSrOT47nGy https://github.com/Neo23x0/ImpHash-Generator https://twitter.com/cyb3rops/status/427028280303439872 https://t.co/hiPvASDcwC https://github.com/Neo23x0/Yara-BRG https://twitter.com/cyb3rops/status/426607679092850688 http://t.co/qdRxheKhe6 http://www.emc.com/collateral/white-papers/h12756-wp-shell-crew.pdf https://twitter.com/cyb3rops/status/423490136387903488 http://t.co/yfLJ0X9QGz http://pastebin.com/VRJaW57U https://twitter.com/cyb3rops/status/420662202421764096 http://t.co/reLUX9YfSO http://blog.trendmicro.com/trendlabs-security-intelligence/64-bit-zbot-leverages-tor-improves-evasion-techniques/ https://twitter.com/cyb3rops/status/418802593071386624 https://twitter.com/cyb3rops/status/418726227210674176 http://t.co/7D9U1dmswk http://pastebin.com/6210i7KJ https://twitter.com/cyb3rops/status/410694528954552320 http://t.co/6D2d5Mr3i1 http://youtu.be/ApAFU5ROo10 https://twitter.com/cyb3rops/status/408230387744116736 http://t.co/Rib7P06zAs http://nakedsecurity.sophos.com/2013/12/04/new-plugx-malware-variant-takes-aim-at-japan https://twitter.com/cyb3rops/status/407591440756113408 http://t.co/RyE7BMnKNW http://iocbucket.com/ https://twitter.com/cyb3rops/status/403940309186662400 http://t.co/Yh7oHbyxoO http://ift.tt/1g2wmRQ https://twitter.com/cyb3rops/status/396127460087300096 http://t.co/AX7y4rMOUb http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/ https://twitter.com/cyb3rops/status/393575452289138688 http://t.co/Q6Hgurphv9 http://technet.microsoft.com/en-us/sysinternals/bb897441 https://twitter.com/cyb3rops/status/381726678147682304 https://twitter.com/cyb3rops/status/380306073753628672 http://t.co/2Cvr5WzL7b 
http://goo.gl/abEKdh https://twitter.com/cyb3rops/status/374786476493373440 http://t.co/7NWaYjjCSb http://goo.gl/y9xts8 https://twitter.com/cyb3rops/status/366886044160892929 http://t.co/Zsd93cbV4n http://t.co/R13bffOK2y http://pastebin.com/r4xJwFFz http://goo.gl/SZIhtO https://twitter.com/cyb3rops/status/356874303591038976 http://t.co/FNQ7arjZyS http://blog.trendmicro.com/trendlabs-security-intelligence/targeted-attacks-hit-asian-european-government-agencies/ https://twitter.com/cyb3rops/status/355394512266334208 http://t.co/SrKbcGBCrs http://goo.gl/ft4CJ https://twitter.com/cyb3rops/status/355389845608214529 http://t.co/SrKbcGBCrs http://goo.gl/ft4CJ https://twitter.com/cyb3rops/status/352533914524450816 http://t.co/Sg1geSXPUC http://hooked-on-mnemonics.blogspot.de/2011/12/yara-md5.html?m=0